./Ultimate.py --spec ../sv-benchmarks/c/properties/valid-memsafety.prp --file ../sv-benchmarks/c/memsafety/test-0214.i --full-output -ea --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 03d7b7b3 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -ea -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerMemDerefMemtrack.xml -i ../sv-benchmarks/c/memsafety/test-0214.i -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 3f6f146d76d903376288fe056dbbc9e1a8443f92d5e8b82343734efc8a9842e4 --- Real Ultimate output --- This is Ultimate 0.2.2-dev-03d7b7b [2022-02-20 23:44:55,123 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-02-20 23:44:55,124 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-02-20 23:44:55,146 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-02-20 23:44:55,147 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-02-20 23:44:55,148 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-02-20 23:44:55,149 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-02-20 23:44:55,150 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-02-20 23:44:55,152 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-02-20 23:44:55,152 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-02-20 23:44:55,153 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-02-20 23:44:55,154 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-02-20 23:44:55,155 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-02-20 23:44:55,155 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-02-20 23:44:55,156 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-02-20 23:44:55,157 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-02-20 23:44:55,158 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-02-20 23:44:55,159 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-02-20 23:44:55,160 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-02-20 23:44:55,161 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-02-20 23:44:55,163 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-02-20 23:44:55,168 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-02-20 23:44:55,169 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-02-20 23:44:55,169 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-02-20 23:44:55,171 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-02-20 23:44:55,172 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-02-20 23:44:55,172 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-02-20 23:44:55,173 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-02-20 23:44:55,173 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-02-20 23:44:55,174 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-02-20 23:44:55,174 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-02-20 23:44:55,175 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-02-20 23:44:55,176 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-02-20 23:44:55,176 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-02-20 23:44:55,177 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-02-20 23:44:55,177 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-02-20 23:44:55,178 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-02-20 23:44:55,178 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-02-20 23:44:55,179 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-02-20 23:44:55,179 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-02-20 23:44:55,180 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-02-20 23:44:55,185 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2022-02-20 23:44:55,207 INFO L113 SettingsManager]: Loading preferences was successful [2022-02-20 23:44:55,208 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-02-20 23:44:55,209 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-02-20 23:44:55,209 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-02-20 23:44:55,209 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-02-20 23:44:55,210 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-02-20 23:44:55,214 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-02-20 23:44:55,214 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-02-20 23:44:55,214 INFO L138 SettingsManager]: * Use SBE=true [2022-02-20 23:44:55,215 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-02-20 23:44:55,221 INFO L138 SettingsManager]: * sizeof long=4 [2022-02-20 23:44:55,221 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-02-20 23:44:55,221 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-02-20 23:44:55,222 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-02-20 23:44:55,222 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-02-20 23:44:55,222 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-02-20 23:44:55,222 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-02-20 23:44:55,222 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-02-20 23:44:55,222 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-02-20 23:44:55,223 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-02-20 23:44:55,223 INFO L138 SettingsManager]: * sizeof long double=12 [2022-02-20 23:44:55,223 INFO L138 SettingsManager]: * Use constant arrays=true [2022-02-20 23:44:55,223 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-02-20 23:44:55,224 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-02-20 23:44:55,224 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-02-20 23:44:55,224 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:44:55,224 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-02-20 23:44:55,224 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-02-20 23:44:55,225 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-02-20 23:44:55,225 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-02-20 23:44:55,225 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 3f6f146d76d903376288fe056dbbc9e1a8443f92d5e8b82343734efc8a9842e4 [2022-02-20 23:44:55,431 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-02-20 23:44:55,447 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-02-20 23:44:55,449 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-02-20 23:44:55,450 INFO L271 PluginConnector]: Initializing CDTParser... [2022-02-20 23:44:55,451 INFO L275 PluginConnector]: CDTParser initialized [2022-02-20 23:44:55,452 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/memsafety/test-0214.i [2022-02-20 23:44:55,511 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c1c5da672/261238c33d0a4f1fb5a8a6d86576cc58/FLAGc3199101a [2022-02-20 23:44:55,992 INFO L306 CDTParser]: Found 1 translation units. [2022-02-20 23:44:56,007 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/memsafety/test-0214.i [2022-02-20 23:44:56,029 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c1c5da672/261238c33d0a4f1fb5a8a6d86576cc58/FLAGc3199101a [2022-02-20 23:44:56,527 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c1c5da672/261238c33d0a4f1fb5a8a6d86576cc58 [2022-02-20 23:44:56,529 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-02-20 23:44:56,530 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-02-20 23:44:56,533 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-02-20 23:44:56,534 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-02-20 23:44:56,536 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-02-20 23:44:56,536 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:44:56" (1/1) ... [2022-02-20 23:44:56,537 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@62ff9b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:56, skipping insertion in model container [2022-02-20 23:44:56,537 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.02 11:44:56" (1/1) ... [2022-02-20 23:44:56,543 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-02-20 23:44:56,573 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-02-20 23:44:56,886 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:44:56,900 INFO L203 MainTranslator]: Completed pre-run [2022-02-20 23:44:56,981 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-02-20 23:44:57,012 INFO L208 MainTranslator]: Completed translation [2022-02-20 23:44:57,012 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57 WrapperNode [2022-02-20 23:44:57,012 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-02-20 23:44:57,013 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-02-20 23:44:57,013 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-02-20 23:44:57,013 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-02-20 23:44:57,018 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57" (1/1) ... [2022-02-20 23:44:57,033 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57" (1/1) ... [2022-02-20 23:44:57,066 INFO L137 Inliner]: procedures = 181, calls = 42, calls flagged for inlining = 7, calls inlined = 7, statements flattened = 181 [2022-02-20 23:44:57,066 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-02-20 23:44:57,067 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-02-20 23:44:57,067 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-02-20 23:44:57,067 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-02-20 23:44:57,073 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57" (1/1) ... [2022-02-20 23:44:57,073 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57" (1/1) ... [2022-02-20 23:44:57,078 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57" (1/1) ... [2022-02-20 23:44:57,078 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57" (1/1) ... [2022-02-20 23:44:57,089 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57" (1/1) ... [2022-02-20 23:44:57,094 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57" (1/1) ... [2022-02-20 23:44:57,096 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57" (1/1) ... [2022-02-20 23:44:57,099 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-02-20 23:44:57,100 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-02-20 23:44:57,100 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-02-20 23:44:57,100 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-02-20 23:44:57,101 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57" (1/1) ... [2022-02-20 23:44:57,117 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-02-20 23:44:57,130 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:44:57,141 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-02-20 23:44:57,157 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-02-20 23:44:57,178 INFO L130 BoogieDeclarations]: Found specification of procedure rand_end_point [2022-02-20 23:44:57,178 INFO L138 BoogieDeclarations]: Found implementation of procedure rand_end_point [2022-02-20 23:44:57,178 INFO L130 BoogieDeclarations]: Found specification of procedure write~int [2022-02-20 23:44:57,179 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2022-02-20 23:44:57,179 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-02-20 23:44:57,179 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2022-02-20 23:44:57,179 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2022-02-20 23:44:57,179 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2022-02-20 23:44:57,180 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2022-02-20 23:44:57,180 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-02-20 23:44:57,180 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-02-20 23:44:57,180 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-02-20 23:44:57,303 INFO L234 CfgBuilder]: Building ICFG [2022-02-20 23:44:57,304 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-02-20 23:44:57,886 INFO L275 CfgBuilder]: Performing block encoding [2022-02-20 23:44:57,895 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-02-20 23:44:57,896 INFO L299 CfgBuilder]: Removed 4 assume(true) statements. [2022-02-20 23:44:57,898 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:44:57 BoogieIcfgContainer [2022-02-20 23:44:57,898 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-02-20 23:44:57,901 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-02-20 23:44:57,902 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-02-20 23:44:57,904 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-02-20 23:44:57,905 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.02 11:44:56" (1/3) ... [2022-02-20 23:44:57,905 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6c24968d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:44:57, skipping insertion in model container [2022-02-20 23:44:57,906 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.02 11:44:57" (2/3) ... [2022-02-20 23:44:57,906 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6c24968d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.02 11:44:57, skipping insertion in model container [2022-02-20 23:44:57,906 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.02 11:44:57" (3/3) ... [2022-02-20 23:44:57,911 INFO L111 eAbstractionObserver]: Analyzing ICFG test-0214.i [2022-02-20 23:44:57,917 INFO L205 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-02-20 23:44:57,917 INFO L164 ceAbstractionStarter]: Applying trace abstraction to program that has 57 error locations. [2022-02-20 23:44:57,960 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-02-20 23:44:57,965 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2022-02-20 23:44:57,965 INFO L340 AbstractCegarLoop]: Starting to check reachability of 57 error locations. [2022-02-20 23:44:57,984 INFO L276 IsEmpty]: Start isEmpty. Operand has 146 states, 85 states have (on average 1.9294117647058824) internal successors, (164), 142 states have internal predecessors, (164), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:44:57,988 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 7 [2022-02-20 23:44:57,989 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:44:57,989 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1] [2022-02-20 23:44:57,990 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr49REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:44:57,994 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:44:57,994 INFO L85 PathProgramCache]: Analyzing trace with hash 1073379816, now seen corresponding path program 1 times [2022-02-20 23:44:58,000 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:44:58,001 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1076357766] [2022-02-20 23:44:58,001 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:44:58,002 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:44:58,069 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:44:58,115 INFO L290 TraceCheckUtils]: 0: Hoare triple {149#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {149#true} is VALID [2022-02-20 23:44:58,116 INFO L290 TraceCheckUtils]: 1: Hoare triple {149#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {149#true} is VALID [2022-02-20 23:44:58,116 INFO L290 TraceCheckUtils]: 2: Hoare triple {149#true} assume !true; {150#false} is VALID [2022-02-20 23:44:58,117 INFO L290 TraceCheckUtils]: 3: Hoare triple {150#false} havoc main_~end_point~0#1;havoc main_~direction~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647; {150#false} is VALID [2022-02-20 23:44:58,117 INFO L290 TraceCheckUtils]: 4: Hoare triple {150#false} assume !(0 != main_#t~nondet26#1);havoc main_#t~nondet26#1;main_~end_point~0#1 := ~unnamed1~0~LIST_END;main_~direction~0#1 := ~unnamed2~0~ITEM_PREV; {150#false} is VALID [2022-02-20 23:44:58,117 INFO L290 TraceCheckUtils]: 5: Hoare triple {150#false} assume !(1 == #valid[~#list~0.base]); {150#false} is VALID [2022-02-20 23:44:58,118 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:44:58,118 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:44:58,119 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1076357766] [2022-02-20 23:44:58,119 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1076357766] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:44:58,119 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:44:58,120 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:44:58,121 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1076128009] [2022-02-20 23:44:58,122 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:44:58,125 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 3.0) internal successors, (6), 2 states have internal predecessors, (6), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 6 [2022-02-20 23:44:58,126 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:44:58,128 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 2 states, 2 states have (on average 3.0) internal successors, (6), 2 states have internal predecessors, (6), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:44:58,136 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 6 edges. 6 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:44:58,136 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-02-20 23:44:58,137 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:44:58,154 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-02-20 23:44:58,155 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 23:44:58,158 INFO L87 Difference]: Start difference. First operand has 146 states, 85 states have (on average 1.9294117647058824) internal successors, (164), 142 states have internal predecessors, (164), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Second operand has 2 states, 2 states have (on average 3.0) internal successors, (6), 2 states have internal predecessors, (6), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:44:58,285 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:44:58,285 INFO L93 Difference]: Finished difference Result 146 states and 163 transitions. [2022-02-20 23:44:58,286 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-02-20 23:44:58,286 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 3.0) internal successors, (6), 2 states have internal predecessors, (6), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 6 [2022-02-20 23:44:58,286 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:44:58,287 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 3.0) internal successors, (6), 2 states have internal predecessors, (6), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:44:58,299 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 168 transitions. [2022-02-20 23:44:58,299 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2 states, 2 states have (on average 3.0) internal successors, (6), 2 states have internal predecessors, (6), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:44:58,304 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2 states to 2 states and 168 transitions. [2022-02-20 23:44:58,304 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 2 states and 168 transitions. [2022-02-20 23:44:58,434 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 168 edges. 168 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:44:58,454 INFO L225 Difference]: With dead ends: 146 [2022-02-20 23:44:58,454 INFO L226 Difference]: Without dead ends: 144 [2022-02-20 23:44:58,456 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-02-20 23:44:58,459 INFO L933 BasicCegarLoop]: 163 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 163 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:44:58,460 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 163 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:44:58,473 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 144 states. [2022-02-20 23:44:58,488 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 144 to 144. [2022-02-20 23:44:58,488 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:44:58,489 INFO L82 GeneralOperation]: Start isEquivalent. First operand 144 states. Second operand has 144 states, 84 states have (on average 1.869047619047619) internal successors, (157), 140 states have internal predecessors, (157), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:44:58,491 INFO L74 IsIncluded]: Start isIncluded. First operand 144 states. Second operand has 144 states, 84 states have (on average 1.869047619047619) internal successors, (157), 140 states have internal predecessors, (157), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:44:58,492 INFO L87 Difference]: Start difference. First operand 144 states. Second operand has 144 states, 84 states have (on average 1.869047619047619) internal successors, (157), 140 states have internal predecessors, (157), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:44:58,500 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:44:58,501 INFO L93 Difference]: Finished difference Result 144 states and 161 transitions. [2022-02-20 23:44:58,501 INFO L276 IsEmpty]: Start isEmpty. Operand 144 states and 161 transitions. [2022-02-20 23:44:58,502 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:44:58,502 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:44:58,503 INFO L74 IsIncluded]: Start isIncluded. First operand has 144 states, 84 states have (on average 1.869047619047619) internal successors, (157), 140 states have internal predecessors, (157), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Second operand 144 states. [2022-02-20 23:44:58,503 INFO L87 Difference]: Start difference. First operand has 144 states, 84 states have (on average 1.869047619047619) internal successors, (157), 140 states have internal predecessors, (157), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Second operand 144 states. [2022-02-20 23:44:58,510 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:44:58,511 INFO L93 Difference]: Finished difference Result 144 states and 161 transitions. [2022-02-20 23:44:58,511 INFO L276 IsEmpty]: Start isEmpty. Operand 144 states and 161 transitions. [2022-02-20 23:44:58,512 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:44:58,512 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:44:58,512 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:44:58,513 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:44:58,513 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 144 states, 84 states have (on average 1.869047619047619) internal successors, (157), 140 states have internal predecessors, (157), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-02-20 23:44:58,519 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 144 states to 144 states and 161 transitions. [2022-02-20 23:44:58,520 INFO L78 Accepts]: Start accepts. Automaton has 144 states and 161 transitions. Word has length 6 [2022-02-20 23:44:58,520 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:44:58,521 INFO L470 AbstractCegarLoop]: Abstraction has 144 states and 161 transitions. [2022-02-20 23:44:58,521 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 3.0) internal successors, (6), 2 states have internal predecessors, (6), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:44:58,521 INFO L276 IsEmpty]: Start isEmpty. Operand 144 states and 161 transitions. [2022-02-20 23:44:58,521 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 8 [2022-02-20 23:44:58,521 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:44:58,521 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:44:58,522 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-02-20 23:44:58,522 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting ULTIMATE.startErr49REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:44:58,522 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:44:58,523 INFO L85 PathProgramCache]: Analyzing trace with hash -1280367911, now seen corresponding path program 1 times [2022-02-20 23:44:58,523 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:44:58,523 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1860949436] [2022-02-20 23:44:58,523 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:44:58,523 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:44:58,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:44:58,611 INFO L290 TraceCheckUtils]: 0: Hoare triple {731#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} is VALID [2022-02-20 23:44:58,612 INFO L290 TraceCheckUtils]: 1: Hoare triple {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} is VALID [2022-02-20 23:44:58,613 INFO L290 TraceCheckUtils]: 2: Hoare triple {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} is VALID [2022-02-20 23:44:58,613 INFO L290 TraceCheckUtils]: 3: Hoare triple {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} assume !(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} is VALID [2022-02-20 23:44:58,615 INFO L290 TraceCheckUtils]: 4: Hoare triple {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} havoc main_~end_point~0#1;havoc main_~direction~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647; {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} is VALID [2022-02-20 23:44:58,615 INFO L290 TraceCheckUtils]: 5: Hoare triple {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} assume !(0 != main_#t~nondet26#1);havoc main_#t~nondet26#1;main_~end_point~0#1 := ~unnamed1~0~LIST_END;main_~direction~0#1 := ~unnamed2~0~ITEM_PREV; {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} is VALID [2022-02-20 23:44:58,616 INFO L290 TraceCheckUtils]: 6: Hoare triple {733#(and (= (select |#valid| |~#list~0.base|) 1) (= (select |#valid| |~#list~0.base|) (select |#valid| 3)))} assume !(1 == #valid[~#list~0.base]); {732#false} is VALID [2022-02-20 23:44:58,617 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:44:58,618 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:44:58,618 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1860949436] [2022-02-20 23:44:58,619 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1860949436] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:44:58,619 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:44:58,619 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [1] imperfect sequences [] total 1 [2022-02-20 23:44:58,619 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [721862000] [2022-02-20 23:44:58,619 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:44:58,621 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 7 [2022-02-20 23:44:58,621 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:44:58,621 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:44:58,628 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 7 edges. 7 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:44:58,629 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 23:44:58,629 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:44:58,629 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 23:44:58,630 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:44:58,630 INFO L87 Difference]: Start difference. First operand 144 states and 161 transitions. Second operand has 3 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:44:59,025 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:44:59,026 INFO L93 Difference]: Finished difference Result 279 states and 312 transitions. [2022-02-20 23:44:59,026 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 23:44:59,026 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 7 [2022-02-20 23:44:59,027 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:44:59,027 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:44:59,032 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 313 transitions. [2022-02-20 23:44:59,032 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:44:59,036 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 313 transitions. [2022-02-20 23:44:59,036 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 313 transitions. [2022-02-20 23:44:59,305 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 313 edges. 313 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:44:59,314 INFO L225 Difference]: With dead ends: 279 [2022-02-20 23:44:59,314 INFO L226 Difference]: Without dead ends: 279 [2022-02-20 23:44:59,314 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 1 GetRequests, 0 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:44:59,322 INFO L933 BasicCegarLoop]: 108 mSDtfsCounter, 142 mSDsluCounter, 101 mSDsCounter, 0 mSdLazyCounter, 113 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 209 SdHoareTripleChecker+Invalid, 114 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 113 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:44:59,323 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [142 Valid, 209 Invalid, 114 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 113 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:44:59,325 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 279 states. [2022-02-20 23:44:59,338 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 279 to 193. [2022-02-20 23:44:59,341 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:44:59,342 INFO L82 GeneralOperation]: Start isEquivalent. First operand 279 states. Second operand has 193 states, 130 states have (on average 1.8461538461538463) internal successors, (240), 186 states have internal predecessors, (240), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:44:59,343 INFO L74 IsIncluded]: Start isIncluded. First operand 279 states. Second operand has 193 states, 130 states have (on average 1.8461538461538463) internal successors, (240), 186 states have internal predecessors, (240), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:44:59,344 INFO L87 Difference]: Start difference. First operand 279 states. Second operand has 193 states, 130 states have (on average 1.8461538461538463) internal successors, (240), 186 states have internal predecessors, (240), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:44:59,355 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:44:59,355 INFO L93 Difference]: Finished difference Result 279 states and 312 transitions. [2022-02-20 23:44:59,355 INFO L276 IsEmpty]: Start isEmpty. Operand 279 states and 312 transitions. [2022-02-20 23:44:59,362 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:44:59,363 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:44:59,363 INFO L74 IsIncluded]: Start isIncluded. First operand has 193 states, 130 states have (on average 1.8461538461538463) internal successors, (240), 186 states have internal predecessors, (240), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Second operand 279 states. [2022-02-20 23:44:59,364 INFO L87 Difference]: Start difference. First operand has 193 states, 130 states have (on average 1.8461538461538463) internal successors, (240), 186 states have internal predecessors, (240), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Second operand 279 states. [2022-02-20 23:44:59,378 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:44:59,378 INFO L93 Difference]: Finished difference Result 279 states and 312 transitions. [2022-02-20 23:44:59,379 INFO L276 IsEmpty]: Start isEmpty. Operand 279 states and 312 transitions. [2022-02-20 23:44:59,379 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:44:59,379 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:44:59,379 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:44:59,380 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:44:59,380 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 193 states, 130 states have (on average 1.8461538461538463) internal successors, (240), 186 states have internal predecessors, (240), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-02-20 23:44:59,387 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 193 states to 193 states and 248 transitions. [2022-02-20 23:44:59,387 INFO L78 Accepts]: Start accepts. Automaton has 193 states and 248 transitions. Word has length 7 [2022-02-20 23:44:59,387 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:44:59,388 INFO L470 AbstractCegarLoop]: Abstraction has 193 states and 248 transitions. [2022-02-20 23:44:59,388 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 3.5) internal successors, (7), 2 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:44:59,388 INFO L276 IsEmpty]: Start isEmpty. Operand 193 states and 248 transitions. [2022-02-20 23:44:59,388 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 8 [2022-02-20 23:44:59,389 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:44:59,389 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:44:59,389 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-02-20 23:44:59,390 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting ULTIMATE.startErr50REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:44:59,391 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:44:59,391 INFO L85 PathProgramCache]: Analyzing trace with hash -1280367910, now seen corresponding path program 1 times [2022-02-20 23:44:59,392 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:44:59,392 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [102974793] [2022-02-20 23:44:59,392 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:44:59,393 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:44:59,428 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:44:59,558 INFO L290 TraceCheckUtils]: 0: Hoare triple {1766#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {1768#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:44:59,559 INFO L290 TraceCheckUtils]: 1: Hoare triple {1768#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {1768#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:44:59,559 INFO L290 TraceCheckUtils]: 2: Hoare triple {1768#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {1768#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:44:59,560 INFO L290 TraceCheckUtils]: 3: Hoare triple {1768#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {1768#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:44:59,561 INFO L290 TraceCheckUtils]: 4: Hoare triple {1768#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} havoc main_~end_point~0#1;havoc main_~direction~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647; {1768#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:44:59,561 INFO L290 TraceCheckUtils]: 5: Hoare triple {1768#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !(0 != main_#t~nondet26#1);havoc main_#t~nondet26#1;main_~end_point~0#1 := ~unnamed1~0~LIST_END;main_~direction~0#1 := ~unnamed2~0~ITEM_PREV; {1769#(and (<= (* ~unnamed1~0~LIST_END 4) (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|)) (= (select |#length| |~#list~0.base|) 8) (<= (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)))} is VALID [2022-02-20 23:44:59,562 INFO L290 TraceCheckUtils]: 6: Hoare triple {1769#(and (<= (* ~unnamed1~0~LIST_END 4) (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|)) (= (select |#length| |~#list~0.base|) 8) (<= (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)))} assume !(4 + (~#list~0.offset + 4 * main_~end_point~0#1) <= #length[~#list~0.base] && 0 <= ~#list~0.offset + 4 * main_~end_point~0#1); {1767#false} is VALID [2022-02-20 23:44:59,562 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:44:59,563 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:44:59,563 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [102974793] [2022-02-20 23:44:59,563 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [102974793] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:44:59,563 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:44:59,563 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:44:59,563 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1943040536] [2022-02-20 23:44:59,564 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:44:59,564 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 7 [2022-02-20 23:44:59,564 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:44:59,564 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:44:59,571 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 7 edges. 7 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:44:59,571 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:44:59,571 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:44:59,571 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:44:59,572 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:44:59,572 INFO L87 Difference]: Start difference. First operand 193 states and 248 transitions. Second operand has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:00,046 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:00,047 INFO L93 Difference]: Finished difference Result 342 states and 424 transitions. [2022-02-20 23:45:00,047 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:45:00,047 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 7 [2022-02-20 23:45:00,048 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:00,048 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:00,052 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 294 transitions. [2022-02-20 23:45:00,052 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:00,056 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 294 transitions. [2022-02-20 23:45:00,056 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 294 transitions. [2022-02-20 23:45:00,292 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 294 edges. 294 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:00,301 INFO L225 Difference]: With dead ends: 342 [2022-02-20 23:45:00,301 INFO L226 Difference]: Without dead ends: 342 [2022-02-20 23:45:00,302 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 0 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:45:00,303 INFO L933 BasicCegarLoop]: 133 mSDtfsCounter, 145 mSDsluCounter, 217 mSDsCounter, 0 mSdLazyCounter, 135 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 145 SdHoareTripleChecker+Valid, 350 SdHoareTripleChecker+Invalid, 135 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 135 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:00,303 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [145 Valid, 350 Invalid, 135 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 135 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:00,304 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 342 states. [2022-02-20 23:45:00,316 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 342 to 270. [2022-02-20 23:45:00,316 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:00,317 INFO L82 GeneralOperation]: Start isEquivalent. First operand 342 states. Second operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:45:00,318 INFO L74 IsIncluded]: Start isIncluded. First operand 342 states. Second operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:45:00,318 INFO L87 Difference]: Start difference. First operand 342 states. Second operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:45:00,329 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:00,329 INFO L93 Difference]: Finished difference Result 342 states and 424 transitions. [2022-02-20 23:45:00,329 INFO L276 IsEmpty]: Start isEmpty. Operand 342 states and 424 transitions. [2022-02-20 23:45:00,330 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:00,330 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:00,331 INFO L74 IsIncluded]: Start isIncluded. First operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) Second operand 342 states. [2022-02-20 23:45:00,332 INFO L87 Difference]: Start difference. First operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) Second operand 342 states. [2022-02-20 23:45:00,342 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:00,342 INFO L93 Difference]: Finished difference Result 342 states and 424 transitions. [2022-02-20 23:45:00,343 INFO L276 IsEmpty]: Start isEmpty. Operand 342 states and 424 transitions. [2022-02-20 23:45:00,343 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:00,344 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:00,344 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:00,344 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:00,345 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:45:00,353 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 270 states to 270 states and 379 transitions. [2022-02-20 23:45:00,353 INFO L78 Accepts]: Start accepts. Automaton has 270 states and 379 transitions. Word has length 7 [2022-02-20 23:45:00,353 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:00,353 INFO L470 AbstractCegarLoop]: Abstraction has 270 states and 379 transitions. [2022-02-20 23:45:00,354 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:00,354 INFO L276 IsEmpty]: Start isEmpty. Operand 270 states and 379 transitions. [2022-02-20 23:45:00,354 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 8 [2022-02-20 23:45:00,354 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:00,354 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:00,354 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-02-20 23:45:00,355 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting ULTIMATE.startErr50REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:00,355 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:00,355 INFO L85 PathProgramCache]: Analyzing trace with hash -1280367972, now seen corresponding path program 1 times [2022-02-20 23:45:00,356 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:00,356 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [756338489] [2022-02-20 23:45:00,356 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:00,356 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:00,368 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:00,446 INFO L290 TraceCheckUtils]: 0: Hoare triple {3070#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {3072#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:00,446 INFO L290 TraceCheckUtils]: 1: Hoare triple {3072#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {3072#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:00,447 INFO L290 TraceCheckUtils]: 2: Hoare triple {3072#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {3072#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:00,448 INFO L290 TraceCheckUtils]: 3: Hoare triple {3072#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {3072#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:00,448 INFO L290 TraceCheckUtils]: 4: Hoare triple {3072#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} havoc main_~end_point~0#1;havoc main_~direction~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647; {3072#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:00,449 INFO L290 TraceCheckUtils]: 5: Hoare triple {3072#(and (= (select |#length| |~#list~0.base|) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume 0 != main_#t~nondet26#1;havoc main_#t~nondet26#1;main_~end_point~0#1 := ~unnamed1~0~LIST_BEG;main_~direction~0#1 := ~unnamed2~0~ITEM_NEXT; {3073#(and (<= (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|) (* ~unnamed1~0~LIST_BEG 4)) (= (select |#length| |~#list~0.base|) 8) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|)))} is VALID [2022-02-20 23:45:00,450 INFO L290 TraceCheckUtils]: 6: Hoare triple {3073#(and (<= (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|) (* ~unnamed1~0~LIST_BEG 4)) (= (select |#length| |~#list~0.base|) 8) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|)))} assume !(4 + (~#list~0.offset + 4 * main_~end_point~0#1) <= #length[~#list~0.base] && 0 <= ~#list~0.offset + 4 * main_~end_point~0#1); {3071#false} is VALID [2022-02-20 23:45:00,450 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:00,450 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:00,450 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [756338489] [2022-02-20 23:45:00,451 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [756338489] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:00,451 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:00,451 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:45:00,451 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [336455117] [2022-02-20 23:45:00,451 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:00,452 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 7 [2022-02-20 23:45:00,452 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:00,452 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:00,458 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 7 edges. 7 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:00,458 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:45:00,458 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:00,459 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:45:00,459 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:00,459 INFO L87 Difference]: Start difference. First operand 270 states and 379 transitions. Second operand has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:00,927 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:00,927 INFO L93 Difference]: Finished difference Result 341 states and 422 transitions. [2022-02-20 23:45:00,927 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:45:00,928 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 7 [2022-02-20 23:45:00,928 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:00,928 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:00,931 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 293 transitions. [2022-02-20 23:45:00,931 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:00,935 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 293 transitions. [2022-02-20 23:45:00,935 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 293 transitions. [2022-02-20 23:45:01,162 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 293 edges. 293 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:01,169 INFO L225 Difference]: With dead ends: 341 [2022-02-20 23:45:01,169 INFO L226 Difference]: Without dead ends: 341 [2022-02-20 23:45:01,169 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 0 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:45:01,170 INFO L933 BasicCegarLoop]: 147 mSDtfsCounter, 127 mSDsluCounter, 217 mSDsCounter, 0 mSdLazyCounter, 138 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 127 SdHoareTripleChecker+Valid, 364 SdHoareTripleChecker+Invalid, 138 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 138 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:01,171 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [127 Valid, 364 Invalid, 138 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 138 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:01,172 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 341 states. [2022-02-20 23:45:01,179 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 341 to 270. [2022-02-20 23:45:01,179 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:01,180 INFO L82 GeneralOperation]: Start isEquivalent. First operand 341 states. Second operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:45:01,181 INFO L74 IsIncluded]: Start isIncluded. First operand 341 states. Second operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:45:01,182 INFO L87 Difference]: Start difference. First operand 341 states. Second operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:45:01,192 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:01,192 INFO L93 Difference]: Finished difference Result 341 states and 422 transitions. [2022-02-20 23:45:01,192 INFO L276 IsEmpty]: Start isEmpty. Operand 341 states and 422 transitions. [2022-02-20 23:45:01,193 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:01,193 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:01,195 INFO L74 IsIncluded]: Start isIncluded. First operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) Second operand 341 states. [2022-02-20 23:45:01,195 INFO L87 Difference]: Start difference. First operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) Second operand 341 states. [2022-02-20 23:45:01,212 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:01,218 INFO L93 Difference]: Finished difference Result 341 states and 422 transitions. [2022-02-20 23:45:01,219 INFO L276 IsEmpty]: Start isEmpty. Operand 341 states and 422 transitions. [2022-02-20 23:45:01,219 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:01,219 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:01,220 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:01,220 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:01,221 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 270 states, 201 states have (on average 1.8059701492537314) internal successors, (363), 259 states have internal predecessors, (363), 8 states have call successors, (8), 4 states have call predecessors, (8), 4 states have return successors, (8), 6 states have call predecessors, (8), 8 states have call successors, (8) [2022-02-20 23:45:01,230 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 270 states to 270 states and 379 transitions. [2022-02-20 23:45:01,230 INFO L78 Accepts]: Start accepts. Automaton has 270 states and 379 transitions. Word has length 7 [2022-02-20 23:45:01,230 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:01,231 INFO L470 AbstractCegarLoop]: Abstraction has 270 states and 379 transitions. [2022-02-20 23:45:01,231 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 2.3333333333333335) internal successors, (7), 3 states have internal predecessors, (7), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:01,231 INFO L276 IsEmpty]: Start isEmpty. Operand 270 states and 379 transitions. [2022-02-20 23:45:01,231 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 11 [2022-02-20 23:45:01,231 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:01,232 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:01,232 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-02-20 23:45:01,233 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting ULTIMATE.startErr51REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:01,234 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:01,234 INFO L85 PathProgramCache]: Analyzing trace with hash 164318064, now seen corresponding path program 1 times [2022-02-20 23:45:01,234 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:01,234 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1784822533] [2022-02-20 23:45:01,235 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:01,235 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:01,249 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:01,358 INFO L290 TraceCheckUtils]: 0: Hoare triple {4371#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {4373#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:01,359 INFO L290 TraceCheckUtils]: 1: Hoare triple {4373#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {4373#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:01,359 INFO L290 TraceCheckUtils]: 2: Hoare triple {4373#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {4373#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:01,360 INFO L290 TraceCheckUtils]: 3: Hoare triple {4373#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume !(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {4373#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:01,361 INFO L290 TraceCheckUtils]: 4: Hoare triple {4373#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} havoc main_~end_point~0#1;havoc main_~direction~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647; {4373#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:01,361 INFO L290 TraceCheckUtils]: 5: Hoare triple {4373#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume !(0 != main_#t~nondet26#1);havoc main_#t~nondet26#1;main_~end_point~0#1 := ~unnamed1~0~LIST_END;main_~direction~0#1 := ~unnamed2~0~ITEM_PREV; {4374#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (* |ULTIMATE.start_main_~end_point~0#1| 4) 4))} is VALID [2022-02-20 23:45:01,362 INFO L290 TraceCheckUtils]: 6: Hoare triple {4374#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (* |ULTIMATE.start_main_~end_point~0#1| 4) 4))} SUMMARY for call main_#t~mem27#1.base, main_#t~mem27#1.offset := read~$Pointer$(~#list~0.base, ~#list~0.offset + 4 * main_~end_point~0#1, 4); srcloc: L733-2 {4375#(and (= |ULTIMATE.start_main_#t~mem27#1.offset| 0) (= |ULTIMATE.start_main_#t~mem27#1.base| 0))} is VALID [2022-02-20 23:45:01,363 INFO L290 TraceCheckUtils]: 7: Hoare triple {4375#(and (= |ULTIMATE.start_main_#t~mem27#1.offset| 0) (= |ULTIMATE.start_main_#t~mem27#1.base| 0))} main_~cursor~0#1.base, main_~cursor~0#1.offset := main_#t~mem27#1.base, main_#t~mem27#1.offset;havoc main_#t~mem27#1.base, main_#t~mem27#1.offset; {4376#(and (= 0 |ULTIMATE.start_main_~cursor~0#1.offset|) (= |ULTIMATE.start_main_~cursor~0#1.base| 0))} is VALID [2022-02-20 23:45:01,364 INFO L290 TraceCheckUtils]: 8: Hoare triple {4376#(and (= 0 |ULTIMATE.start_main_~cursor~0#1.offset|) (= |ULTIMATE.start_main_~cursor~0#1.base| 0))} assume !!(main_~cursor~0#1.base != 0 || main_~cursor~0#1.offset != 0); {4372#false} is VALID [2022-02-20 23:45:01,364 INFO L290 TraceCheckUtils]: 9: Hoare triple {4372#false} assume !(1 == #valid[main_~cursor~0#1.base]); {4372#false} is VALID [2022-02-20 23:45:01,364 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:01,364 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:01,364 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1784822533] [2022-02-20 23:45:01,365 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1784822533] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:01,365 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:01,365 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:45:01,365 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [629028512] [2022-02-20 23:45:01,365 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:01,366 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 10 [2022-02-20 23:45:01,366 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:01,366 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:01,376 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 10 edges. 10 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:01,377 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:45:01,377 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:01,377 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:45:01,377 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:45:01,378 INFO L87 Difference]: Start difference. First operand 270 states and 379 transitions. Second operand has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:02,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:02,054 INFO L93 Difference]: Finished difference Result 391 states and 519 transitions. [2022-02-20 23:45:02,055 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:45:02,055 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 10 [2022-02-20 23:45:02,055 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:02,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:02,058 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 286 transitions. [2022-02-20 23:45:02,059 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:02,067 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 286 transitions. [2022-02-20 23:45:02,068 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 286 transitions. [2022-02-20 23:45:02,295 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 286 edges. 286 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:02,304 INFO L225 Difference]: With dead ends: 391 [2022-02-20 23:45:02,304 INFO L226 Difference]: Without dead ends: 391 [2022-02-20 23:45:02,304 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:45:02,305 INFO L933 BasicCegarLoop]: 144 mSDtfsCounter, 123 mSDsluCounter, 536 mSDsCounter, 0 mSdLazyCounter, 128 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 123 SdHoareTripleChecker+Valid, 680 SdHoareTripleChecker+Invalid, 132 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 128 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:02,305 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [123 Valid, 680 Invalid, 132 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 128 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:02,306 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 391 states. [2022-02-20 23:45:02,317 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 391 to 312. [2022-02-20 23:45:02,318 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:02,318 INFO L82 GeneralOperation]: Start isEquivalent. First operand 391 states. Second operand has 312 states, 240 states have (on average 1.7916666666666667) internal successors, (430), 299 states have internal predecessors, (430), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:02,319 INFO L74 IsIncluded]: Start isIncluded. First operand 391 states. Second operand has 312 states, 240 states have (on average 1.7916666666666667) internal successors, (430), 299 states have internal predecessors, (430), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:02,320 INFO L87 Difference]: Start difference. First operand 391 states. Second operand has 312 states, 240 states have (on average 1.7916666666666667) internal successors, (430), 299 states have internal predecessors, (430), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:02,333 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:02,333 INFO L93 Difference]: Finished difference Result 391 states and 519 transitions. [2022-02-20 23:45:02,333 INFO L276 IsEmpty]: Start isEmpty. Operand 391 states and 519 transitions. [2022-02-20 23:45:02,334 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:02,335 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:02,336 INFO L74 IsIncluded]: Start isIncluded. First operand has 312 states, 240 states have (on average 1.7916666666666667) internal successors, (430), 299 states have internal predecessors, (430), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) Second operand 391 states. [2022-02-20 23:45:02,337 INFO L87 Difference]: Start difference. First operand has 312 states, 240 states have (on average 1.7916666666666667) internal successors, (430), 299 states have internal predecessors, (430), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) Second operand 391 states. [2022-02-20 23:45:02,349 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:02,350 INFO L93 Difference]: Finished difference Result 391 states and 519 transitions. [2022-02-20 23:45:02,350 INFO L276 IsEmpty]: Start isEmpty. Operand 391 states and 519 transitions. [2022-02-20 23:45:02,352 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:02,352 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:02,352 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:02,352 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:02,353 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 312 states, 240 states have (on average 1.7916666666666667) internal successors, (430), 299 states have internal predecessors, (430), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:02,360 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 312 states to 312 states and 450 transitions. [2022-02-20 23:45:02,361 INFO L78 Accepts]: Start accepts. Automaton has 312 states and 450 transitions. Word has length 10 [2022-02-20 23:45:02,361 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:02,361 INFO L470 AbstractCegarLoop]: Abstraction has 312 states and 450 transitions. [2022-02-20 23:45:02,362 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:02,362 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 450 transitions. [2022-02-20 23:45:02,362 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 11 [2022-02-20 23:45:02,362 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:02,363 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:02,363 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-02-20 23:45:02,363 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting ULTIMATE.startErr51REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:02,364 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:02,364 INFO L85 PathProgramCache]: Analyzing trace with hash 162471022, now seen corresponding path program 1 times [2022-02-20 23:45:02,364 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:02,364 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [769611783] [2022-02-20 23:45:02,364 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:02,364 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:02,390 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:02,518 INFO L290 TraceCheckUtils]: 0: Hoare triple {5870#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {5872#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:02,519 INFO L290 TraceCheckUtils]: 1: Hoare triple {5872#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {5872#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:02,519 INFO L290 TraceCheckUtils]: 2: Hoare triple {5872#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {5872#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:02,520 INFO L290 TraceCheckUtils]: 3: Hoare triple {5872#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume !(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {5872#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:02,520 INFO L290 TraceCheckUtils]: 4: Hoare triple {5872#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} havoc main_~end_point~0#1;havoc main_~direction~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647; {5872#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:02,521 INFO L290 TraceCheckUtils]: 5: Hoare triple {5872#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume 0 != main_#t~nondet26#1;havoc main_#t~nondet26#1;main_~end_point~0#1 := ~unnamed1~0~LIST_BEG;main_~direction~0#1 := ~unnamed2~0~ITEM_NEXT; {5873#(and (or (and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0)) (not (= (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|) 0))) (<= (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|) (* ~unnamed1~0~LIST_BEG 4)))} is VALID [2022-02-20 23:45:02,522 INFO L290 TraceCheckUtils]: 6: Hoare triple {5873#(and (or (and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0)) (not (= (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|) 0))) (<= (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|) (* ~unnamed1~0~LIST_BEG 4)))} SUMMARY for call main_#t~mem27#1.base, main_#t~mem27#1.offset := read~$Pointer$(~#list~0.base, ~#list~0.offset + 4 * main_~end_point~0#1, 4); srcloc: L733-2 {5874#(and (= |ULTIMATE.start_main_#t~mem27#1.offset| 0) (= |ULTIMATE.start_main_#t~mem27#1.base| 0))} is VALID [2022-02-20 23:45:02,524 INFO L290 TraceCheckUtils]: 7: Hoare triple {5874#(and (= |ULTIMATE.start_main_#t~mem27#1.offset| 0) (= |ULTIMATE.start_main_#t~mem27#1.base| 0))} main_~cursor~0#1.base, main_~cursor~0#1.offset := main_#t~mem27#1.base, main_#t~mem27#1.offset;havoc main_#t~mem27#1.base, main_#t~mem27#1.offset; {5875#(and (= 0 |ULTIMATE.start_main_~cursor~0#1.offset|) (= |ULTIMATE.start_main_~cursor~0#1.base| 0))} is VALID [2022-02-20 23:45:02,524 INFO L290 TraceCheckUtils]: 8: Hoare triple {5875#(and (= 0 |ULTIMATE.start_main_~cursor~0#1.offset|) (= |ULTIMATE.start_main_~cursor~0#1.base| 0))} assume !!(main_~cursor~0#1.base != 0 || main_~cursor~0#1.offset != 0); {5871#false} is VALID [2022-02-20 23:45:02,524 INFO L290 TraceCheckUtils]: 9: Hoare triple {5871#false} assume !(1 == #valid[main_~cursor~0#1.base]); {5871#false} is VALID [2022-02-20 23:45:02,525 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:02,525 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:02,525 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [769611783] [2022-02-20 23:45:02,525 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [769611783] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:02,525 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:02,525 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:45:02,526 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [636034406] [2022-02-20 23:45:02,526 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:02,526 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 10 [2022-02-20 23:45:02,526 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:02,527 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:02,535 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 10 edges. 10 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:02,535 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:45:02,535 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:02,536 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:45:02,536 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:45:02,537 INFO L87 Difference]: Start difference. First operand 312 states and 450 transitions. Second operand has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:03,205 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:03,205 INFO L93 Difference]: Finished difference Result 381 states and 508 transitions. [2022-02-20 23:45:03,205 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:45:03,206 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 10 [2022-02-20 23:45:03,206 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:03,206 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:03,209 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 275 transitions. [2022-02-20 23:45:03,209 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:03,212 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 275 transitions. [2022-02-20 23:45:03,212 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 275 transitions. [2022-02-20 23:45:03,433 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 275 edges. 275 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:03,441 INFO L225 Difference]: With dead ends: 381 [2022-02-20 23:45:03,441 INFO L226 Difference]: Without dead ends: 381 [2022-02-20 23:45:03,441 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:45:03,442 INFO L933 BasicCegarLoop]: 149 mSDtfsCounter, 109 mSDsluCounter, 540 mSDsCounter, 0 mSdLazyCounter, 132 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 109 SdHoareTripleChecker+Valid, 689 SdHoareTripleChecker+Invalid, 136 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 132 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:03,442 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [109 Valid, 689 Invalid, 136 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 132 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:03,443 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 381 states. [2022-02-20 23:45:03,449 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 381 to 311. [2022-02-20 23:45:03,449 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:03,450 INFO L82 GeneralOperation]: Start isEquivalent. First operand 381 states. Second operand has 311 states, 239 states have (on average 1.794979079497908) internal successors, (429), 298 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:03,451 INFO L74 IsIncluded]: Start isIncluded. First operand 381 states. Second operand has 311 states, 239 states have (on average 1.794979079497908) internal successors, (429), 298 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:03,452 INFO L87 Difference]: Start difference. First operand 381 states. Second operand has 311 states, 239 states have (on average 1.794979079497908) internal successors, (429), 298 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:03,461 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:03,462 INFO L93 Difference]: Finished difference Result 381 states and 508 transitions. [2022-02-20 23:45:03,462 INFO L276 IsEmpty]: Start isEmpty. Operand 381 states and 508 transitions. [2022-02-20 23:45:03,463 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:03,463 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:03,464 INFO L74 IsIncluded]: Start isIncluded. First operand has 311 states, 239 states have (on average 1.794979079497908) internal successors, (429), 298 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) Second operand 381 states. [2022-02-20 23:45:03,464 INFO L87 Difference]: Start difference. First operand has 311 states, 239 states have (on average 1.794979079497908) internal successors, (429), 298 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) Second operand 381 states. [2022-02-20 23:45:03,474 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:03,475 INFO L93 Difference]: Finished difference Result 381 states and 508 transitions. [2022-02-20 23:45:03,475 INFO L276 IsEmpty]: Start isEmpty. Operand 381 states and 508 transitions. [2022-02-20 23:45:03,475 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:03,476 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:03,476 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:03,476 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:03,477 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 311 states, 239 states have (on average 1.794979079497908) internal successors, (429), 298 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:03,484 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 311 states to 311 states and 449 transitions. [2022-02-20 23:45:03,484 INFO L78 Accepts]: Start accepts. Automaton has 311 states and 449 transitions. Word has length 10 [2022-02-20 23:45:03,484 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:03,485 INFO L470 AbstractCegarLoop]: Abstraction has 311 states and 449 transitions. [2022-02-20 23:45:03,485 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 5 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:03,485 INFO L276 IsEmpty]: Start isEmpty. Operand 311 states and 449 transitions. [2022-02-20 23:45:03,485 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-02-20 23:45:03,485 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:03,485 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:03,486 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-02-20 23:45:03,486 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting ULTIMATE.startErr56ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:03,486 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:03,486 INFO L85 PathProgramCache]: Analyzing trace with hash 798891393, now seen corresponding path program 1 times [2022-02-20 23:45:03,486 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:03,487 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1230454452] [2022-02-20 23:45:03,487 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:03,487 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:03,497 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:03,509 INFO L290 TraceCheckUtils]: 0: Hoare triple {7340#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {7340#true} is VALID [2022-02-20 23:45:03,509 INFO L290 TraceCheckUtils]: 1: Hoare triple {7340#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-20 23:45:03,510 INFO L290 TraceCheckUtils]: 2: Hoare triple {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-20 23:45:03,510 INFO L290 TraceCheckUtils]: 3: Hoare triple {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume !(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-20 23:45:03,511 INFO L290 TraceCheckUtils]: 4: Hoare triple {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} havoc main_~end_point~0#1;havoc main_~direction~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647; {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-20 23:45:03,511 INFO L290 TraceCheckUtils]: 5: Hoare triple {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume !(0 != main_#t~nondet26#1);havoc main_#t~nondet26#1;main_~end_point~0#1 := ~unnamed1~0~LIST_END;main_~direction~0#1 := ~unnamed2~0~ITEM_PREV; {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-20 23:45:03,512 INFO L290 TraceCheckUtils]: 6: Hoare triple {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} SUMMARY for call main_#t~mem27#1.base, main_#t~mem27#1.offset := read~$Pointer$(~#list~0.base, ~#list~0.offset + 4 * main_~end_point~0#1, 4); srcloc: L733-2 {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-20 23:45:03,512 INFO L290 TraceCheckUtils]: 7: Hoare triple {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} main_~cursor~0#1.base, main_~cursor~0#1.offset := main_#t~mem27#1.base, main_#t~mem27#1.offset;havoc main_#t~mem27#1.base, main_#t~mem27#1.offset; {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-20 23:45:03,513 INFO L290 TraceCheckUtils]: 8: Hoare triple {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume !(main_~cursor~0#1.base != 0 || main_~cursor~0#1.offset != 0); {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-20 23:45:03,513 INFO L290 TraceCheckUtils]: 9: Hoare triple {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} main_#res#1 := 0; {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} is VALID [2022-02-20 23:45:03,514 INFO L290 TraceCheckUtils]: 10: Hoare triple {7342#(= |ULTIMATE.start_main_old_#valid#1| |#valid|)} assume !(#valid == main_old_#valid#1); {7341#false} is VALID [2022-02-20 23:45:03,514 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:03,514 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:03,514 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1230454452] [2022-02-20 23:45:03,514 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1230454452] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:03,515 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:03,515 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:45:03,515 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [665549556] [2022-02-20 23:45:03,515 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:03,515 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 5.5) internal successors, (11), 3 states have internal predecessors, (11), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 11 [2022-02-20 23:45:03,516 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:03,516 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 5.5) internal successors, (11), 3 states have internal predecessors, (11), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:03,530 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 11 edges. 11 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:03,530 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 23:45:03,530 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:03,530 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 23:45:03,531 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:45:03,531 INFO L87 Difference]: Start difference. First operand 311 states and 449 transitions. Second operand has 3 states, 2 states have (on average 5.5) internal successors, (11), 3 states have internal predecessors, (11), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:03,740 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:03,741 INFO L93 Difference]: Finished difference Result 370 states and 506 transitions. [2022-02-20 23:45:03,741 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 23:45:03,741 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 5.5) internal successors, (11), 3 states have internal predecessors, (11), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 11 [2022-02-20 23:45:03,741 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:03,741 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 5.5) internal successors, (11), 3 states have internal predecessors, (11), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:03,743 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 252 transitions. [2022-02-20 23:45:03,744 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 5.5) internal successors, (11), 3 states have internal predecessors, (11), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:03,746 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 252 transitions. [2022-02-20 23:45:03,746 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 252 transitions. [2022-02-20 23:45:03,924 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 252 edges. 252 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:03,930 INFO L225 Difference]: With dead ends: 370 [2022-02-20 23:45:03,930 INFO L226 Difference]: Without dead ends: 363 [2022-02-20 23:45:03,931 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:45:03,932 INFO L933 BasicCegarLoop]: 135 mSDtfsCounter, 74 mSDsluCounter, 102 mSDsCounter, 0 mSdLazyCounter, 86 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 76 SdHoareTripleChecker+Valid, 237 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 86 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:03,932 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [76 Valid, 237 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 86 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:45:03,933 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 363 states. [2022-02-20 23:45:03,938 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 363 to 308. [2022-02-20 23:45:03,938 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:03,939 INFO L82 GeneralOperation]: Start isEquivalent. First operand 363 states. Second operand has 308 states, 236 states have (on average 1.7966101694915255) internal successors, (424), 295 states have internal predecessors, (424), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:03,940 INFO L74 IsIncluded]: Start isIncluded. First operand 363 states. Second operand has 308 states, 236 states have (on average 1.7966101694915255) internal successors, (424), 295 states have internal predecessors, (424), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:03,941 INFO L87 Difference]: Start difference. First operand 363 states. Second operand has 308 states, 236 states have (on average 1.7966101694915255) internal successors, (424), 295 states have internal predecessors, (424), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:03,949 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:03,950 INFO L93 Difference]: Finished difference Result 363 states and 498 transitions. [2022-02-20 23:45:03,950 INFO L276 IsEmpty]: Start isEmpty. Operand 363 states and 498 transitions. [2022-02-20 23:45:03,951 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:03,951 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:03,952 INFO L74 IsIncluded]: Start isIncluded. First operand has 308 states, 236 states have (on average 1.7966101694915255) internal successors, (424), 295 states have internal predecessors, (424), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) Second operand 363 states. [2022-02-20 23:45:03,952 INFO L87 Difference]: Start difference. First operand has 308 states, 236 states have (on average 1.7966101694915255) internal successors, (424), 295 states have internal predecessors, (424), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) Second operand 363 states. [2022-02-20 23:45:03,961 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:03,962 INFO L93 Difference]: Finished difference Result 363 states and 498 transitions. [2022-02-20 23:45:03,962 INFO L276 IsEmpty]: Start isEmpty. Operand 363 states and 498 transitions. [2022-02-20 23:45:03,962 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:03,963 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:03,963 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:03,963 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:03,964 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 308 states, 236 states have (on average 1.7966101694915255) internal successors, (424), 295 states have internal predecessors, (424), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:03,971 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 308 states to 308 states and 444 transitions. [2022-02-20 23:45:03,971 INFO L78 Accepts]: Start accepts. Automaton has 308 states and 444 transitions. Word has length 11 [2022-02-20 23:45:03,971 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:03,971 INFO L470 AbstractCegarLoop]: Abstraction has 308 states and 444 transitions. [2022-02-20 23:45:03,971 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 5.5) internal successors, (11), 3 states have internal predecessors, (11), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-02-20 23:45:03,971 INFO L276 IsEmpty]: Start isEmpty. Operand 308 states and 444 transitions. [2022-02-20 23:45:03,972 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 14 [2022-02-20 23:45:03,972 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:03,972 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:03,972 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-02-20 23:45:03,972 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:03,973 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:03,973 INFO L85 PathProgramCache]: Analyzing trace with hash 1916999928, now seen corresponding path program 1 times [2022-02-20 23:45:03,973 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:03,973 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [661340366] [2022-02-20 23:45:03,973 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:03,973 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:03,983 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:04,015 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:04,018 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:04,021 INFO L290 TraceCheckUtils]: 0: Hoare triple {8749#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {8749#true} is VALID [2022-02-20 23:45:04,022 INFO L290 TraceCheckUtils]: 1: Hoare triple {8749#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {8749#true} is VALID [2022-02-20 23:45:04,022 INFO L290 TraceCheckUtils]: 2: Hoare triple {8749#true} assume true; {8749#true} is VALID [2022-02-20 23:45:04,023 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {8749#true} {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} #259#return; {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:04,023 INFO L290 TraceCheckUtils]: 0: Hoare triple {8749#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:04,024 INFO L290 TraceCheckUtils]: 1: Hoare triple {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:04,024 INFO L290 TraceCheckUtils]: 2: Hoare triple {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:04,025 INFO L290 TraceCheckUtils]: 3: Hoare triple {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:04,025 INFO L290 TraceCheckUtils]: 4: Hoare triple {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:04,026 INFO L290 TraceCheckUtils]: 5: Hoare triple {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:04,026 INFO L272 TraceCheckUtils]: 6: Hoare triple {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} call main_#t~ret23#1 := rand_end_point(); {8749#true} is VALID [2022-02-20 23:45:04,026 INFO L290 TraceCheckUtils]: 7: Hoare triple {8749#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {8749#true} is VALID [2022-02-20 23:45:04,027 INFO L290 TraceCheckUtils]: 8: Hoare triple {8749#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {8749#true} is VALID [2022-02-20 23:45:04,027 INFO L290 TraceCheckUtils]: 9: Hoare triple {8749#true} assume true; {8749#true} is VALID [2022-02-20 23:45:04,027 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {8749#true} {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} #259#return; {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:04,028 INFO L290 TraceCheckUtils]: 11: Hoare triple {8751#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {8756#(and (= (select |#valid| |ULTIMATE.start_append_one_~list#1.base|) 1) (= 3 |ULTIMATE.start_append_one_~list#1.base|))} is VALID [2022-02-20 23:45:04,028 INFO L290 TraceCheckUtils]: 12: Hoare triple {8756#(and (= (select |#valid| |ULTIMATE.start_append_one_~list#1.base|) 1) (= 3 |ULTIMATE.start_append_one_~list#1.base|))} assume !(1 == #valid[append_one_~list#1.base]); {8750#false} is VALID [2022-02-20 23:45:04,029 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:04,029 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:04,029 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [661340366] [2022-02-20 23:45:04,029 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [661340366] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:04,029 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:04,029 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:45:04,030 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [390717484] [2022-02-20 23:45:04,030 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:04,030 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 13 [2022-02-20 23:45:04,030 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:04,030 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:04,040 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 13 edges. 13 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:04,040 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:45:04,041 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:04,041 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:45:04,041 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:04,041 INFO L87 Difference]: Start difference. First operand 308 states and 444 transitions. Second operand has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:04,622 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:04,623 INFO L93 Difference]: Finished difference Result 439 states and 552 transitions. [2022-02-20 23:45:04,623 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:45:04,624 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 13 [2022-02-20 23:45:04,624 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:04,624 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:04,627 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 390 transitions. [2022-02-20 23:45:04,628 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:04,631 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 390 transitions. [2022-02-20 23:45:04,631 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 390 transitions. [2022-02-20 23:45:04,906 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 390 edges. 390 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:04,916 INFO L225 Difference]: With dead ends: 439 [2022-02-20 23:45:04,916 INFO L226 Difference]: Without dead ends: 439 [2022-02-20 23:45:04,917 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:45:04,917 INFO L933 BasicCegarLoop]: 158 mSDtfsCounter, 267 mSDsluCounter, 195 mSDsCounter, 0 mSdLazyCounter, 218 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 267 SdHoareTripleChecker+Valid, 353 SdHoareTripleChecker+Invalid, 227 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 218 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:04,918 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [267 Valid, 353 Invalid, 227 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 218 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:45:04,918 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 439 states. [2022-02-20 23:45:04,923 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 439 to 308. [2022-02-20 23:45:04,924 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:04,924 INFO L82 GeneralOperation]: Start isEquivalent. First operand 439 states. Second operand has 308 states, 236 states have (on average 1.771186440677966) internal successors, (418), 295 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:04,925 INFO L74 IsIncluded]: Start isIncluded. First operand 439 states. Second operand has 308 states, 236 states have (on average 1.771186440677966) internal successors, (418), 295 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:04,926 INFO L87 Difference]: Start difference. First operand 439 states. Second operand has 308 states, 236 states have (on average 1.771186440677966) internal successors, (418), 295 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:04,937 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:04,938 INFO L93 Difference]: Finished difference Result 439 states and 552 transitions. [2022-02-20 23:45:04,938 INFO L276 IsEmpty]: Start isEmpty. Operand 439 states and 552 transitions. [2022-02-20 23:45:04,939 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:04,939 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:04,940 INFO L74 IsIncluded]: Start isIncluded. First operand has 308 states, 236 states have (on average 1.771186440677966) internal successors, (418), 295 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) Second operand 439 states. [2022-02-20 23:45:04,941 INFO L87 Difference]: Start difference. First operand has 308 states, 236 states have (on average 1.771186440677966) internal successors, (418), 295 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) Second operand 439 states. [2022-02-20 23:45:04,953 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:04,953 INFO L93 Difference]: Finished difference Result 439 states and 552 transitions. [2022-02-20 23:45:04,953 INFO L276 IsEmpty]: Start isEmpty. Operand 439 states and 552 transitions. [2022-02-20 23:45:04,954 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:04,954 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:04,954 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:04,954 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:04,955 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 308 states, 236 states have (on average 1.771186440677966) internal successors, (418), 295 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:04,961 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 308 states to 308 states and 438 transitions. [2022-02-20 23:45:04,962 INFO L78 Accepts]: Start accepts. Automaton has 308 states and 438 transitions. Word has length 13 [2022-02-20 23:45:04,962 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:04,962 INFO L470 AbstractCegarLoop]: Abstraction has 308 states and 438 transitions. [2022-02-20 23:45:04,962 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 4 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:04,962 INFO L276 IsEmpty]: Start isEmpty. Operand 308 states and 438 transitions. [2022-02-20 23:45:04,963 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 14 [2022-02-20 23:45:04,963 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:04,963 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:04,963 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-02-20 23:45:04,963 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:04,963 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:04,964 INFO L85 PathProgramCache]: Analyzing trace with hash 1916999929, now seen corresponding path program 1 times [2022-02-20 23:45:04,964 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:04,964 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1823535110] [2022-02-20 23:45:04,964 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:04,964 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:04,993 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:05,085 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:05,092 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:05,113 INFO L290 TraceCheckUtils]: 0: Hoare triple {10386#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {10386#true} is VALID [2022-02-20 23:45:05,113 INFO L290 TraceCheckUtils]: 1: Hoare triple {10386#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {10395#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:05,114 INFO L290 TraceCheckUtils]: 2: Hoare triple {10395#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} assume true; {10395#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:05,115 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {10395#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} #259#return; {10393#(and (<= (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|) (* ~unnamed1~0~LIST_BEG 4)) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:05,116 INFO L290 TraceCheckUtils]: 0: Hoare triple {10386#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:05,116 INFO L290 TraceCheckUtils]: 1: Hoare triple {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:05,118 INFO L290 TraceCheckUtils]: 2: Hoare triple {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:05,119 INFO L290 TraceCheckUtils]: 3: Hoare triple {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:05,119 INFO L290 TraceCheckUtils]: 4: Hoare triple {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:05,120 INFO L290 TraceCheckUtils]: 5: Hoare triple {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:05,120 INFO L272 TraceCheckUtils]: 6: Hoare triple {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} call main_#t~ret23#1 := rand_end_point(); {10386#true} is VALID [2022-02-20 23:45:05,120 INFO L290 TraceCheckUtils]: 7: Hoare triple {10386#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {10386#true} is VALID [2022-02-20 23:45:05,121 INFO L290 TraceCheckUtils]: 8: Hoare triple {10386#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {10395#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:05,121 INFO L290 TraceCheckUtils]: 9: Hoare triple {10395#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} assume true; {10395#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:05,122 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {10395#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} {10388#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} #259#return; {10393#(and (<= (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|) (* ~unnamed1~0~LIST_BEG 4)) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:05,123 INFO L290 TraceCheckUtils]: 11: Hoare triple {10393#(and (<= (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|) (* ~unnamed1~0~LIST_BEG 4)) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {10394#(and (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) (* ~unnamed1~0~LIST_BEG 4)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:05,124 INFO L290 TraceCheckUtils]: 12: Hoare triple {10394#(and (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) (* ~unnamed1~0~LIST_BEG 4)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} assume !(4 + (append_one_~list#1.offset + 4 * append_one_~to#1) <= #length[append_one_~list#1.base] && 0 <= append_one_~list#1.offset + 4 * append_one_~to#1); {10387#false} is VALID [2022-02-20 23:45:05,124 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:05,124 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:05,124 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1823535110] [2022-02-20 23:45:05,124 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1823535110] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:05,124 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:05,125 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:45:05,125 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1978243122] [2022-02-20 23:45:05,125 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:05,126 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 13 [2022-02-20 23:45:05,127 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:05,127 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:05,137 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 13 edges. 13 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:05,138 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:45:05,138 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:05,138 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:45:05,138 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:45:05,139 INFO L87 Difference]: Start difference. First operand 308 states and 438 transitions. Second operand has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:05,945 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:05,945 INFO L93 Difference]: Finished difference Result 378 states and 484 transitions. [2022-02-20 23:45:05,945 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:45:05,945 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 13 [2022-02-20 23:45:05,945 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:05,945 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:05,948 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 286 transitions. [2022-02-20 23:45:05,948 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:05,950 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 286 transitions. [2022-02-20 23:45:05,950 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 286 transitions. [2022-02-20 23:45:06,177 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 286 edges. 286 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:06,186 INFO L225 Difference]: With dead ends: 378 [2022-02-20 23:45:06,186 INFO L226 Difference]: Without dead ends: 378 [2022-02-20 23:45:06,186 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=23, Invalid=49, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:45:06,186 INFO L933 BasicCegarLoop]: 153 mSDtfsCounter, 118 mSDsluCounter, 507 mSDsCounter, 0 mSdLazyCounter, 230 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 660 SdHoareTripleChecker+Invalid, 230 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 230 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:06,187 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [120 Valid, 660 Invalid, 230 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 230 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:45:06,187 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 378 states. [2022-02-20 23:45:06,193 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 378 to 318. [2022-02-20 23:45:06,193 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:06,194 INFO L82 GeneralOperation]: Start isEquivalent. First operand 378 states. Second operand has 318 states, 243 states have (on average 1.7530864197530864) internal successors, (426), 303 states have internal predecessors, (426), 10 states have call successors, (10), 5 states have call predecessors, (10), 8 states have return successors, (16), 9 states have call predecessors, (16), 10 states have call successors, (16) [2022-02-20 23:45:06,194 INFO L74 IsIncluded]: Start isIncluded. First operand 378 states. Second operand has 318 states, 243 states have (on average 1.7530864197530864) internal successors, (426), 303 states have internal predecessors, (426), 10 states have call successors, (10), 5 states have call predecessors, (10), 8 states have return successors, (16), 9 states have call predecessors, (16), 10 states have call successors, (16) [2022-02-20 23:45:06,195 INFO L87 Difference]: Start difference. First operand 378 states. Second operand has 318 states, 243 states have (on average 1.7530864197530864) internal successors, (426), 303 states have internal predecessors, (426), 10 states have call successors, (10), 5 states have call predecessors, (10), 8 states have return successors, (16), 9 states have call predecessors, (16), 10 states have call successors, (16) [2022-02-20 23:45:06,204 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:06,204 INFO L93 Difference]: Finished difference Result 378 states and 484 transitions. [2022-02-20 23:45:06,204 INFO L276 IsEmpty]: Start isEmpty. Operand 378 states and 484 transitions. [2022-02-20 23:45:06,205 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:06,205 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:06,206 INFO L74 IsIncluded]: Start isIncluded. First operand has 318 states, 243 states have (on average 1.7530864197530864) internal successors, (426), 303 states have internal predecessors, (426), 10 states have call successors, (10), 5 states have call predecessors, (10), 8 states have return successors, (16), 9 states have call predecessors, (16), 10 states have call successors, (16) Second operand 378 states. [2022-02-20 23:45:06,206 INFO L87 Difference]: Start difference. First operand has 318 states, 243 states have (on average 1.7530864197530864) internal successors, (426), 303 states have internal predecessors, (426), 10 states have call successors, (10), 5 states have call predecessors, (10), 8 states have return successors, (16), 9 states have call predecessors, (16), 10 states have call successors, (16) Second operand 378 states. [2022-02-20 23:45:06,215 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:06,216 INFO L93 Difference]: Finished difference Result 378 states and 484 transitions. [2022-02-20 23:45:06,216 INFO L276 IsEmpty]: Start isEmpty. Operand 378 states and 484 transitions. [2022-02-20 23:45:06,216 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:06,217 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:06,217 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:06,217 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:06,218 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 318 states, 243 states have (on average 1.7530864197530864) internal successors, (426), 303 states have internal predecessors, (426), 10 states have call successors, (10), 5 states have call predecessors, (10), 8 states have return successors, (16), 9 states have call predecessors, (16), 10 states have call successors, (16) [2022-02-20 23:45:06,224 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 318 states to 318 states and 452 transitions. [2022-02-20 23:45:06,225 INFO L78 Accepts]: Start accepts. Automaton has 318 states and 452 transitions. Word has length 13 [2022-02-20 23:45:06,225 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:06,225 INFO L470 AbstractCegarLoop]: Abstraction has 318 states and 452 transitions. [2022-02-20 23:45:06,225 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:06,225 INFO L276 IsEmpty]: Start isEmpty. Operand 318 states and 452 transitions. [2022-02-20 23:45:06,226 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 14 [2022-02-20 23:45:06,226 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:06,226 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:06,226 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-02-20 23:45:06,226 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:06,227 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:06,227 INFO L85 PathProgramCache]: Analyzing trace with hash 1917923450, now seen corresponding path program 1 times [2022-02-20 23:45:06,227 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:06,227 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1449152826] [2022-02-20 23:45:06,227 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:06,227 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:06,237 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:06,315 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:06,320 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:06,340 INFO L290 TraceCheckUtils]: 0: Hoare triple {11856#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {11856#true} is VALID [2022-02-20 23:45:06,341 INFO L290 TraceCheckUtils]: 1: Hoare triple {11856#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {11865#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:06,341 INFO L290 TraceCheckUtils]: 2: Hoare triple {11865#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} assume true; {11865#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:06,343 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {11865#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} #259#return; {11863#(and (<= (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= (* ~unnamed1~0~LIST_END 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:06,343 INFO L290 TraceCheckUtils]: 0: Hoare triple {11856#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:06,344 INFO L290 TraceCheckUtils]: 1: Hoare triple {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:06,345 INFO L290 TraceCheckUtils]: 2: Hoare triple {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:06,345 INFO L290 TraceCheckUtils]: 3: Hoare triple {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:06,346 INFO L290 TraceCheckUtils]: 4: Hoare triple {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:06,346 INFO L290 TraceCheckUtils]: 5: Hoare triple {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:06,347 INFO L272 TraceCheckUtils]: 6: Hoare triple {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} call main_#t~ret23#1 := rand_end_point(); {11856#true} is VALID [2022-02-20 23:45:06,349 INFO L290 TraceCheckUtils]: 7: Hoare triple {11856#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {11856#true} is VALID [2022-02-20 23:45:06,349 INFO L290 TraceCheckUtils]: 8: Hoare triple {11856#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {11865#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:06,350 INFO L290 TraceCheckUtils]: 9: Hoare triple {11865#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} assume true; {11865#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:06,351 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {11865#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} {11858#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} #259#return; {11863#(and (<= (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= (* ~unnamed1~0~LIST_END 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:06,352 INFO L290 TraceCheckUtils]: 11: Hoare triple {11863#(and (<= (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= (* ~unnamed1~0~LIST_END 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {11864#(and (<= (* ~unnamed1~0~LIST_END 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) (* ~unnamed1~0~LIST_END 4)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:06,353 INFO L290 TraceCheckUtils]: 12: Hoare triple {11864#(and (<= (* ~unnamed1~0~LIST_END 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) (* ~unnamed1~0~LIST_END 4)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} assume !(4 + (append_one_~list#1.offset + 4 * append_one_~to#1) <= #length[append_one_~list#1.base] && 0 <= append_one_~list#1.offset + 4 * append_one_~to#1); {11857#false} is VALID [2022-02-20 23:45:06,354 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:06,354 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:06,354 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1449152826] [2022-02-20 23:45:06,354 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1449152826] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:06,354 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:06,354 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:45:06,355 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1857610396] [2022-02-20 23:45:06,355 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:06,355 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 13 [2022-02-20 23:45:06,356 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:06,356 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:06,369 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 13 edges. 13 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:06,369 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:45:06,369 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:06,370 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:45:06,370 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:45:06,370 INFO L87 Difference]: Start difference. First operand 318 states and 452 transitions. Second operand has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:07,135 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:07,135 INFO L93 Difference]: Finished difference Result 377 states and 482 transitions. [2022-02-20 23:45:07,135 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:45:07,135 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 13 [2022-02-20 23:45:07,136 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:07,136 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:07,138 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 285 transitions. [2022-02-20 23:45:07,138 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:07,141 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 285 transitions. [2022-02-20 23:45:07,141 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 285 transitions. [2022-02-20 23:45:07,374 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 285 edges. 285 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:07,383 INFO L225 Difference]: With dead ends: 377 [2022-02-20 23:45:07,383 INFO L226 Difference]: Without dead ends: 377 [2022-02-20 23:45:07,383 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=23, Invalid=49, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:45:07,384 INFO L933 BasicCegarLoop]: 160 mSDtfsCounter, 113 mSDsluCounter, 522 mSDsCounter, 0 mSdLazyCounter, 240 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 113 SdHoareTripleChecker+Valid, 682 SdHoareTripleChecker+Invalid, 240 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 240 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:07,385 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [113 Valid, 682 Invalid, 240 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 240 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:45:07,386 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 377 states. [2022-02-20 23:45:07,393 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 377 to 312. [2022-02-20 23:45:07,394 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:07,394 INFO L82 GeneralOperation]: Start isEquivalent. First operand 377 states. Second operand has 312 states, 240 states have (on average 1.7625) internal successors, (423), 297 states have internal predecessors, (423), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:07,395 INFO L74 IsIncluded]: Start isIncluded. First operand 377 states. Second operand has 312 states, 240 states have (on average 1.7625) internal successors, (423), 297 states have internal predecessors, (423), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:07,396 INFO L87 Difference]: Start difference. First operand 377 states. Second operand has 312 states, 240 states have (on average 1.7625) internal successors, (423), 297 states have internal predecessors, (423), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:07,405 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:07,405 INFO L93 Difference]: Finished difference Result 377 states and 482 transitions. [2022-02-20 23:45:07,406 INFO L276 IsEmpty]: Start isEmpty. Operand 377 states and 482 transitions. [2022-02-20 23:45:07,407 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:07,407 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:07,409 INFO L74 IsIncluded]: Start isIncluded. First operand has 312 states, 240 states have (on average 1.7625) internal successors, (423), 297 states have internal predecessors, (423), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 377 states. [2022-02-20 23:45:07,412 INFO L87 Difference]: Start difference. First operand has 312 states, 240 states have (on average 1.7625) internal successors, (423), 297 states have internal predecessors, (423), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 377 states. [2022-02-20 23:45:07,421 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:07,422 INFO L93 Difference]: Finished difference Result 377 states and 482 transitions. [2022-02-20 23:45:07,422 INFO L276 IsEmpty]: Start isEmpty. Operand 377 states and 482 transitions. [2022-02-20 23:45:07,423 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:07,423 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:07,423 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:07,423 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:07,424 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 312 states, 240 states have (on average 1.7625) internal successors, (423), 297 states have internal predecessors, (423), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:07,431 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 312 states to 312 states and 443 transitions. [2022-02-20 23:45:07,431 INFO L78 Accepts]: Start accepts. Automaton has 312 states and 443 transitions. Word has length 13 [2022-02-20 23:45:07,432 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:07,432 INFO L470 AbstractCegarLoop]: Abstraction has 312 states and 443 transitions. [2022-02-20 23:45:07,432 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 2.2) internal successors, (11), 5 states have internal predecessors, (11), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:07,432 INFO L276 IsEmpty]: Start isEmpty. Operand 312 states and 443 transitions. [2022-02-20 23:45:07,433 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2022-02-20 23:45:07,433 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:07,433 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:07,433 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2022-02-20 23:45:07,433 INFO L402 AbstractCegarLoop]: === Iteration 11 === Targeting ULTIMATE.startErr20REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:07,433 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:07,434 INFO L85 PathProgramCache]: Analyzing trace with hash -60907143, now seen corresponding path program 1 times [2022-02-20 23:45:07,434 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:07,434 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [586763993] [2022-02-20 23:45:07,434 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:07,434 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:07,444 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:07,478 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:07,481 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:07,485 INFO L290 TraceCheckUtils]: 0: Hoare triple {13317#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {13317#true} is VALID [2022-02-20 23:45:07,485 INFO L290 TraceCheckUtils]: 1: Hoare triple {13317#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {13317#true} is VALID [2022-02-20 23:45:07,486 INFO L290 TraceCheckUtils]: 2: Hoare triple {13317#true} assume true; {13317#true} is VALID [2022-02-20 23:45:07,487 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {13317#true} {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} #261#return; {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:07,496 INFO L290 TraceCheckUtils]: 0: Hoare triple {13317#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:07,498 INFO L290 TraceCheckUtils]: 1: Hoare triple {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:07,499 INFO L290 TraceCheckUtils]: 2: Hoare triple {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:07,500 INFO L290 TraceCheckUtils]: 3: Hoare triple {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:07,500 INFO L290 TraceCheckUtils]: 4: Hoare triple {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:07,501 INFO L290 TraceCheckUtils]: 5: Hoare triple {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:07,501 INFO L290 TraceCheckUtils]: 6: Hoare triple {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:07,502 INFO L290 TraceCheckUtils]: 7: Hoare triple {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:07,502 INFO L272 TraceCheckUtils]: 8: Hoare triple {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} call main_#t~ret25#1 := rand_end_point(); {13317#true} is VALID [2022-02-20 23:45:07,502 INFO L290 TraceCheckUtils]: 9: Hoare triple {13317#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {13317#true} is VALID [2022-02-20 23:45:07,502 INFO L290 TraceCheckUtils]: 10: Hoare triple {13317#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {13317#true} is VALID [2022-02-20 23:45:07,503 INFO L290 TraceCheckUtils]: 11: Hoare triple {13317#true} assume true; {13317#true} is VALID [2022-02-20 23:45:07,504 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {13317#true} {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} #261#return; {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:07,505 INFO L290 TraceCheckUtils]: 13: Hoare triple {13319#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {13324#(and (= |ULTIMATE.start_is_empty_~list#1.base| 3) (= (select |#valid| |ULTIMATE.start_is_empty_~list#1.base|) 1))} is VALID [2022-02-20 23:45:07,505 INFO L290 TraceCheckUtils]: 14: Hoare triple {13324#(and (= |ULTIMATE.start_is_empty_~list#1.base| 3) (= (select |#valid| |ULTIMATE.start_is_empty_~list#1.base|) 1))} assume !(1 == #valid[is_empty_~list#1.base]); {13318#false} is VALID [2022-02-20 23:45:07,505 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:07,505 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:07,505 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [586763993] [2022-02-20 23:45:07,506 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [586763993] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:07,506 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:07,506 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:45:07,506 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1947230754] [2022-02-20 23:45:07,506 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:07,507 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 15 [2022-02-20 23:45:07,507 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:07,507 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:07,522 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 15 edges. 15 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:07,522 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:45:07,522 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:07,523 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:45:07,523 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:07,523 INFO L87 Difference]: Start difference. First operand 312 states and 443 transitions. Second operand has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:08,106 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:08,106 INFO L93 Difference]: Finished difference Result 489 states and 642 transitions. [2022-02-20 23:45:08,107 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:45:08,107 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 15 [2022-02-20 23:45:08,107 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:08,107 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:08,111 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 383 transitions. [2022-02-20 23:45:08,111 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:08,115 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 383 transitions. [2022-02-20 23:45:08,115 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 383 transitions. [2022-02-20 23:45:08,406 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 383 edges. 383 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:08,418 INFO L225 Difference]: With dead ends: 489 [2022-02-20 23:45:08,418 INFO L226 Difference]: Without dead ends: 489 [2022-02-20 23:45:08,418 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:45:08,419 INFO L933 BasicCegarLoop]: 164 mSDtfsCounter, 259 mSDsluCounter, 196 mSDsCounter, 0 mSdLazyCounter, 206 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 259 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 212 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 206 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:08,419 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [259 Valid, 360 Invalid, 212 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 206 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:45:08,420 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 489 states. [2022-02-20 23:45:08,426 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 489 to 318. [2022-02-20 23:45:08,427 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:08,427 INFO L82 GeneralOperation]: Start isEquivalent. First operand 489 states. Second operand has 318 states, 246 states have (on average 1.7439024390243902) internal successors, (429), 303 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:08,431 INFO L74 IsIncluded]: Start isIncluded. First operand 489 states. Second operand has 318 states, 246 states have (on average 1.7439024390243902) internal successors, (429), 303 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:08,432 INFO L87 Difference]: Start difference. First operand 489 states. Second operand has 318 states, 246 states have (on average 1.7439024390243902) internal successors, (429), 303 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:08,446 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:08,446 INFO L93 Difference]: Finished difference Result 489 states and 642 transitions. [2022-02-20 23:45:08,446 INFO L276 IsEmpty]: Start isEmpty. Operand 489 states and 642 transitions. [2022-02-20 23:45:08,447 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:08,447 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:08,448 INFO L74 IsIncluded]: Start isIncluded. First operand has 318 states, 246 states have (on average 1.7439024390243902) internal successors, (429), 303 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 489 states. [2022-02-20 23:45:08,448 INFO L87 Difference]: Start difference. First operand has 318 states, 246 states have (on average 1.7439024390243902) internal successors, (429), 303 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 489 states. [2022-02-20 23:45:08,463 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:08,464 INFO L93 Difference]: Finished difference Result 489 states and 642 transitions. [2022-02-20 23:45:08,464 INFO L276 IsEmpty]: Start isEmpty. Operand 489 states and 642 transitions. [2022-02-20 23:45:08,465 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:08,465 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:08,465 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:08,465 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:08,466 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 318 states, 246 states have (on average 1.7439024390243902) internal successors, (429), 303 states have internal predecessors, (429), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:08,472 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 318 states to 318 states and 449 transitions. [2022-02-20 23:45:08,472 INFO L78 Accepts]: Start accepts. Automaton has 318 states and 449 transitions. Word has length 15 [2022-02-20 23:45:08,473 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:08,473 INFO L470 AbstractCegarLoop]: Abstraction has 318 states and 449 transitions. [2022-02-20 23:45:08,473 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:08,473 INFO L276 IsEmpty]: Start isEmpty. Operand 318 states and 449 transitions. [2022-02-20 23:45:08,473 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2022-02-20 23:45:08,473 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:08,474 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:08,474 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2022-02-20 23:45:08,474 INFO L402 AbstractCegarLoop]: === Iteration 12 === Targeting ULTIMATE.startErr21REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:08,474 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:08,474 INFO L85 PathProgramCache]: Analyzing trace with hash -60907142, now seen corresponding path program 1 times [2022-02-20 23:45:08,474 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:08,475 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [256041477] [2022-02-20 23:45:08,475 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:08,475 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:08,490 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:08,561 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:08,563 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:08,568 INFO L290 TraceCheckUtils]: 0: Hoare triple {15114#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {15114#true} is VALID [2022-02-20 23:45:08,568 INFO L290 TraceCheckUtils]: 1: Hoare triple {15114#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {15114#true} is VALID [2022-02-20 23:45:08,569 INFO L290 TraceCheckUtils]: 2: Hoare triple {15114#true} assume true; {15114#true} is VALID [2022-02-20 23:45:08,569 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {15114#true} {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} #261#return; {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:08,570 INFO L290 TraceCheckUtils]: 0: Hoare triple {15114#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:08,571 INFO L290 TraceCheckUtils]: 1: Hoare triple {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:08,571 INFO L290 TraceCheckUtils]: 2: Hoare triple {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:08,572 INFO L290 TraceCheckUtils]: 3: Hoare triple {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:08,572 INFO L290 TraceCheckUtils]: 4: Hoare triple {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:08,572 INFO L290 TraceCheckUtils]: 5: Hoare triple {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:08,573 INFO L290 TraceCheckUtils]: 6: Hoare triple {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:08,573 INFO L290 TraceCheckUtils]: 7: Hoare triple {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:08,574 INFO L272 TraceCheckUtils]: 8: Hoare triple {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} call main_#t~ret25#1 := rand_end_point(); {15114#true} is VALID [2022-02-20 23:45:08,574 INFO L290 TraceCheckUtils]: 9: Hoare triple {15114#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {15114#true} is VALID [2022-02-20 23:45:08,574 INFO L290 TraceCheckUtils]: 10: Hoare triple {15114#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {15114#true} is VALID [2022-02-20 23:45:08,574 INFO L290 TraceCheckUtils]: 11: Hoare triple {15114#true} assume true; {15114#true} is VALID [2022-02-20 23:45:08,575 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {15114#true} {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} #261#return; {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:08,575 INFO L290 TraceCheckUtils]: 13: Hoare triple {15116#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {15121#(and (= (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) 8) (<= |ULTIMATE.start_is_empty_~list#1.offset| 0) (<= 0 |ULTIMATE.start_is_empty_~list#1.offset|))} is VALID [2022-02-20 23:45:08,580 INFO L290 TraceCheckUtils]: 14: Hoare triple {15121#(and (= (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) 8) (<= |ULTIMATE.start_is_empty_~list#1.offset| 0) (<= 0 |ULTIMATE.start_is_empty_~list#1.offset|))} assume !(4 + (is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG) <= #length[is_empty_~list#1.base] && 0 <= is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG); {15115#false} is VALID [2022-02-20 23:45:08,581 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:08,581 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:08,581 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [256041477] [2022-02-20 23:45:08,581 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [256041477] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:08,581 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:08,581 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:45:08,581 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1494099857] [2022-02-20 23:45:08,582 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:08,582 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 15 [2022-02-20 23:45:08,582 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:08,582 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:08,594 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 15 edges. 15 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:08,594 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:45:08,594 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:08,594 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:45:08,594 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:08,595 INFO L87 Difference]: Start difference. First operand 318 states and 449 transitions. Second operand has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:09,050 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:09,050 INFO L93 Difference]: Finished difference Result 375 states and 473 transitions. [2022-02-20 23:45:09,050 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:45:09,050 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 15 [2022-02-20 23:45:09,050 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:09,050 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:09,052 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 290 transitions. [2022-02-20 23:45:09,052 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:09,054 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 290 transitions. [2022-02-20 23:45:09,055 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 290 transitions. [2022-02-20 23:45:09,293 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 290 edges. 290 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:09,301 INFO L225 Difference]: With dead ends: 375 [2022-02-20 23:45:09,301 INFO L226 Difference]: Without dead ends: 375 [2022-02-20 23:45:09,301 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:45:09,302 INFO L933 BasicCegarLoop]: 160 mSDtfsCounter, 203 mSDsluCounter, 214 mSDsCounter, 0 mSdLazyCounter, 151 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 203 SdHoareTripleChecker+Valid, 374 SdHoareTripleChecker+Invalid, 155 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 151 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:09,302 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [203 Valid, 374 Invalid, 155 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 151 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:09,303 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 375 states. [2022-02-20 23:45:09,308 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 375 to 318. [2022-02-20 23:45:09,309 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:09,309 INFO L82 GeneralOperation]: Start isEquivalent. First operand 375 states. Second operand has 318 states, 246 states have (on average 1.7073170731707317) internal successors, (420), 303 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:09,310 INFO L74 IsIncluded]: Start isIncluded. First operand 375 states. Second operand has 318 states, 246 states have (on average 1.7073170731707317) internal successors, (420), 303 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:09,310 INFO L87 Difference]: Start difference. First operand 375 states. Second operand has 318 states, 246 states have (on average 1.7073170731707317) internal successors, (420), 303 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:09,320 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:09,320 INFO L93 Difference]: Finished difference Result 375 states and 473 transitions. [2022-02-20 23:45:09,320 INFO L276 IsEmpty]: Start isEmpty. Operand 375 states and 473 transitions. [2022-02-20 23:45:09,321 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:09,321 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:09,323 INFO L74 IsIncluded]: Start isIncluded. First operand has 318 states, 246 states have (on average 1.7073170731707317) internal successors, (420), 303 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 375 states. [2022-02-20 23:45:09,323 INFO L87 Difference]: Start difference. First operand has 318 states, 246 states have (on average 1.7073170731707317) internal successors, (420), 303 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 375 states. [2022-02-20 23:45:09,332 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:09,332 INFO L93 Difference]: Finished difference Result 375 states and 473 transitions. [2022-02-20 23:45:09,333 INFO L276 IsEmpty]: Start isEmpty. Operand 375 states and 473 transitions. [2022-02-20 23:45:09,333 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:09,333 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:09,334 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:09,334 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:09,334 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 318 states, 246 states have (on average 1.7073170731707317) internal successors, (420), 303 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:09,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 318 states to 318 states and 440 transitions. [2022-02-20 23:45:09,341 INFO L78 Accepts]: Start accepts. Automaton has 318 states and 440 transitions. Word has length 15 [2022-02-20 23:45:09,342 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:09,342 INFO L470 AbstractCegarLoop]: Abstraction has 318 states and 440 transitions. [2022-02-20 23:45:09,342 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 4.333333333333333) internal successors, (13), 4 states have internal predecessors, (13), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:09,342 INFO L276 IsEmpty]: Start isEmpty. Operand 318 states and 440 transitions. [2022-02-20 23:45:09,342 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-02-20 23:45:09,342 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:09,343 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:09,343 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2022-02-20 23:45:09,343 INFO L402 AbstractCegarLoop]: === Iteration 13 === Targeting ULTIMATE.startErr2REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:09,343 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:09,343 INFO L85 PathProgramCache]: Analyzing trace with hash 1341254785, now seen corresponding path program 1 times [2022-02-20 23:45:09,344 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:09,344 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1442540537] [2022-02-20 23:45:09,344 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:09,344 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:09,363 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:09,389 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:09,391 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:09,394 INFO L290 TraceCheckUtils]: 0: Hoare triple {16569#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {16569#true} is VALID [2022-02-20 23:45:09,395 INFO L290 TraceCheckUtils]: 1: Hoare triple {16569#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {16569#true} is VALID [2022-02-20 23:45:09,395 INFO L290 TraceCheckUtils]: 2: Hoare triple {16569#true} assume true; {16569#true} is VALID [2022-02-20 23:45:09,395 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {16569#true} {16569#true} #259#return; {16569#true} is VALID [2022-02-20 23:45:09,395 INFO L290 TraceCheckUtils]: 0: Hoare triple {16569#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {16569#true} is VALID [2022-02-20 23:45:09,395 INFO L290 TraceCheckUtils]: 1: Hoare triple {16569#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {16569#true} is VALID [2022-02-20 23:45:09,395 INFO L290 TraceCheckUtils]: 2: Hoare triple {16569#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {16569#true} is VALID [2022-02-20 23:45:09,396 INFO L290 TraceCheckUtils]: 3: Hoare triple {16569#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {16569#true} is VALID [2022-02-20 23:45:09,396 INFO L290 TraceCheckUtils]: 4: Hoare triple {16569#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {16569#true} is VALID [2022-02-20 23:45:09,396 INFO L290 TraceCheckUtils]: 5: Hoare triple {16569#true} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {16569#true} is VALID [2022-02-20 23:45:09,396 INFO L272 TraceCheckUtils]: 6: Hoare triple {16569#true} call main_#t~ret23#1 := rand_end_point(); {16569#true} is VALID [2022-02-20 23:45:09,396 INFO L290 TraceCheckUtils]: 7: Hoare triple {16569#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {16569#true} is VALID [2022-02-20 23:45:09,396 INFO L290 TraceCheckUtils]: 8: Hoare triple {16569#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {16569#true} is VALID [2022-02-20 23:45:09,397 INFO L290 TraceCheckUtils]: 9: Hoare triple {16569#true} assume true; {16569#true} is VALID [2022-02-20 23:45:09,397 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {16569#true} {16569#true} #259#return; {16569#true} is VALID [2022-02-20 23:45:09,397 INFO L290 TraceCheckUtils]: 11: Hoare triple {16569#true} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {16569#true} is VALID [2022-02-20 23:45:09,397 INFO L290 TraceCheckUtils]: 12: Hoare triple {16569#true} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {16569#true} is VALID [2022-02-20 23:45:09,398 INFO L290 TraceCheckUtils]: 13: Hoare triple {16569#true} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {16575#(= 1 (select |#valid| |ULTIMATE.start_create_item_~item~0#1.base|))} is VALID [2022-02-20 23:45:09,399 INFO L290 TraceCheckUtils]: 14: Hoare triple {16575#(= 1 (select |#valid| |ULTIMATE.start_create_item_~item~0#1.base|))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {16575#(= 1 (select |#valid| |ULTIMATE.start_create_item_~item~0#1.base|))} is VALID [2022-02-20 23:45:09,399 INFO L290 TraceCheckUtils]: 15: Hoare triple {16575#(= 1 (select |#valid| |ULTIMATE.start_create_item_~item~0#1.base|))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {16575#(= 1 (select |#valid| |ULTIMATE.start_create_item_~item~0#1.base|))} is VALID [2022-02-20 23:45:09,400 INFO L290 TraceCheckUtils]: 16: Hoare triple {16575#(= 1 (select |#valid| |ULTIMATE.start_create_item_~item~0#1.base|))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_NEXT;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_PREV; {16575#(= 1 (select |#valid| |ULTIMATE.start_create_item_~item~0#1.base|))} is VALID [2022-02-20 23:45:09,400 INFO L290 TraceCheckUtils]: 17: Hoare triple {16575#(= 1 (select |#valid| |ULTIMATE.start_create_item_~item~0#1.base|))} havoc create_item_#t~switch6#1; {16575#(= 1 (select |#valid| |ULTIMATE.start_create_item_~item~0#1.base|))} is VALID [2022-02-20 23:45:09,401 INFO L290 TraceCheckUtils]: 18: Hoare triple {16575#(= 1 (select |#valid| |ULTIMATE.start_create_item_~item~0#1.base|))} assume !(1 == #valid[create_item_~item~0#1.base]); {16570#false} is VALID [2022-02-20 23:45:09,401 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:09,401 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:09,401 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1442540537] [2022-02-20 23:45:09,401 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1442540537] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:09,401 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:09,401 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-02-20 23:45:09,402 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1077774956] [2022-02-20 23:45:09,402 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:09,402 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 8.5) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 19 [2022-02-20 23:45:09,402 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:09,402 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 3 states, 2 states have (on average 8.5) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:09,415 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:09,415 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-02-20 23:45:09,415 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:09,416 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-02-20 23:45:09,416 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:45:09,416 INFO L87 Difference]: Start difference. First operand 318 states and 440 transitions. Second operand has 3 states, 2 states have (on average 8.5) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:09,685 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:09,685 INFO L93 Difference]: Finished difference Result 409 states and 539 transitions. [2022-02-20 23:45:09,685 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-02-20 23:45:09,686 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 8.5) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 19 [2022-02-20 23:45:09,687 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:09,687 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 8.5) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:09,689 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 265 transitions. [2022-02-20 23:45:09,689 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3 states, 2 states have (on average 8.5) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:09,691 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3 states to 3 states and 265 transitions. [2022-02-20 23:45:09,692 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 3 states and 265 transitions. [2022-02-20 23:45:09,896 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 265 edges. 265 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:09,906 INFO L225 Difference]: With dead ends: 409 [2022-02-20 23:45:09,906 INFO L226 Difference]: Without dead ends: 409 [2022-02-20 23:45:09,906 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-02-20 23:45:09,907 INFO L933 BasicCegarLoop]: 183 mSDtfsCounter, 132 mSDsluCounter, 78 mSDsCounter, 0 mSdLazyCounter, 97 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 261 SdHoareTripleChecker+Invalid, 99 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 97 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:09,908 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [134 Valid, 261 Invalid, 99 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 97 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:09,909 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 409 states. [2022-02-20 23:45:09,913 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 409 to 315. [2022-02-20 23:45:09,913 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:09,914 INFO L82 GeneralOperation]: Start isEquivalent. First operand 409 states. Second operand has 315 states, 246 states have (on average 1.6829268292682926) internal successors, (414), 300 states have internal predecessors, (414), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:09,914 INFO L74 IsIncluded]: Start isIncluded. First operand 409 states. Second operand has 315 states, 246 states have (on average 1.6829268292682926) internal successors, (414), 300 states have internal predecessors, (414), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:09,927 INFO L87 Difference]: Start difference. First operand 409 states. Second operand has 315 states, 246 states have (on average 1.6829268292682926) internal successors, (414), 300 states have internal predecessors, (414), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:09,938 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:09,938 INFO L93 Difference]: Finished difference Result 409 states and 539 transitions. [2022-02-20 23:45:09,938 INFO L276 IsEmpty]: Start isEmpty. Operand 409 states and 539 transitions. [2022-02-20 23:45:09,939 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:09,939 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:09,940 INFO L74 IsIncluded]: Start isIncluded. First operand has 315 states, 246 states have (on average 1.6829268292682926) internal successors, (414), 300 states have internal predecessors, (414), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 409 states. [2022-02-20 23:45:09,941 INFO L87 Difference]: Start difference. First operand has 315 states, 246 states have (on average 1.6829268292682926) internal successors, (414), 300 states have internal predecessors, (414), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 409 states. [2022-02-20 23:45:09,952 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:09,952 INFO L93 Difference]: Finished difference Result 409 states and 539 transitions. [2022-02-20 23:45:09,952 INFO L276 IsEmpty]: Start isEmpty. Operand 409 states and 539 transitions. [2022-02-20 23:45:09,953 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:09,953 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:09,954 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:09,954 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:09,954 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 315 states, 246 states have (on average 1.6829268292682926) internal successors, (414), 300 states have internal predecessors, (414), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:09,961 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 315 states to 315 states and 434 transitions. [2022-02-20 23:45:09,961 INFO L78 Accepts]: Start accepts. Automaton has 315 states and 434 transitions. Word has length 19 [2022-02-20 23:45:09,961 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:09,961 INFO L470 AbstractCegarLoop]: Abstraction has 315 states and 434 transitions. [2022-02-20 23:45:09,962 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 8.5) internal successors, (17), 3 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:09,962 INFO L276 IsEmpty]: Start isEmpty. Operand 315 states and 434 transitions. [2022-02-20 23:45:09,963 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-02-20 23:45:09,963 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:09,963 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:09,963 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2022-02-20 23:45:09,964 INFO L402 AbstractCegarLoop]: === Iteration 14 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:09,964 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:09,964 INFO L85 PathProgramCache]: Analyzing trace with hash 1341254786, now seen corresponding path program 1 times [2022-02-20 23:45:09,964 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:09,964 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [435646010] [2022-02-20 23:45:09,964 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:09,965 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:09,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:10,019 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:10,021 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:10,027 INFO L290 TraceCheckUtils]: 0: Hoare triple {18120#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {18120#true} is VALID [2022-02-20 23:45:10,028 INFO L290 TraceCheckUtils]: 1: Hoare triple {18120#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {18120#true} is VALID [2022-02-20 23:45:10,028 INFO L290 TraceCheckUtils]: 2: Hoare triple {18120#true} assume true; {18120#true} is VALID [2022-02-20 23:45:10,028 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {18120#true} {18120#true} #259#return; {18120#true} is VALID [2022-02-20 23:45:10,028 INFO L290 TraceCheckUtils]: 0: Hoare triple {18120#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {18120#true} is VALID [2022-02-20 23:45:10,028 INFO L290 TraceCheckUtils]: 1: Hoare triple {18120#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {18120#true} is VALID [2022-02-20 23:45:10,029 INFO L290 TraceCheckUtils]: 2: Hoare triple {18120#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {18120#true} is VALID [2022-02-20 23:45:10,029 INFO L290 TraceCheckUtils]: 3: Hoare triple {18120#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {18120#true} is VALID [2022-02-20 23:45:10,029 INFO L290 TraceCheckUtils]: 4: Hoare triple {18120#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {18120#true} is VALID [2022-02-20 23:45:10,029 INFO L290 TraceCheckUtils]: 5: Hoare triple {18120#true} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {18120#true} is VALID [2022-02-20 23:45:10,029 INFO L272 TraceCheckUtils]: 6: Hoare triple {18120#true} call main_#t~ret23#1 := rand_end_point(); {18120#true} is VALID [2022-02-20 23:45:10,029 INFO L290 TraceCheckUtils]: 7: Hoare triple {18120#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {18120#true} is VALID [2022-02-20 23:45:10,030 INFO L290 TraceCheckUtils]: 8: Hoare triple {18120#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {18120#true} is VALID [2022-02-20 23:45:10,030 INFO L290 TraceCheckUtils]: 9: Hoare triple {18120#true} assume true; {18120#true} is VALID [2022-02-20 23:45:10,030 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {18120#true} {18120#true} #259#return; {18120#true} is VALID [2022-02-20 23:45:10,030 INFO L290 TraceCheckUtils]: 11: Hoare triple {18120#true} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {18120#true} is VALID [2022-02-20 23:45:10,030 INFO L290 TraceCheckUtils]: 12: Hoare triple {18120#true} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {18120#true} is VALID [2022-02-20 23:45:10,031 INFO L290 TraceCheckUtils]: 13: Hoare triple {18120#true} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {18126#(and (= |ULTIMATE.start_create_item_~item~0#1.offset| 0) (<= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)))} is VALID [2022-02-20 23:45:10,032 INFO L290 TraceCheckUtils]: 14: Hoare triple {18126#(and (= |ULTIMATE.start_create_item_~item~0#1.offset| 0) (<= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {18126#(and (= |ULTIMATE.start_create_item_~item~0#1.offset| 0) (<= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)))} is VALID [2022-02-20 23:45:10,032 INFO L290 TraceCheckUtils]: 15: Hoare triple {18126#(and (= |ULTIMATE.start_create_item_~item~0#1.offset| 0) (<= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {18126#(and (= |ULTIMATE.start_create_item_~item~0#1.offset| 0) (<= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)))} is VALID [2022-02-20 23:45:10,033 INFO L290 TraceCheckUtils]: 16: Hoare triple {18126#(and (= |ULTIMATE.start_create_item_~item~0#1.offset| 0) (<= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_NEXT;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_PREV; {18127#(and (<= (+ 265 (* 4 |ULTIMATE.start_create_item_~link_field~0#1|)) (+ (* ~unnamed2~0~ITEM_NEXT 4) (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|))) (<= ~unnamed2~0~ITEM_NEXT |ULTIMATE.start_create_item_~link_field~0#1|) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:10,033 INFO L290 TraceCheckUtils]: 17: Hoare triple {18127#(and (<= (+ 265 (* 4 |ULTIMATE.start_create_item_~link_field~0#1|)) (+ (* ~unnamed2~0~ITEM_NEXT 4) (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|))) (<= ~unnamed2~0~ITEM_NEXT |ULTIMATE.start_create_item_~link_field~0#1|) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} havoc create_item_#t~switch6#1; {18127#(and (<= (+ 265 (* 4 |ULTIMATE.start_create_item_~link_field~0#1|)) (+ (* ~unnamed2~0~ITEM_NEXT 4) (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|))) (<= ~unnamed2~0~ITEM_NEXT |ULTIMATE.start_create_item_~link_field~0#1|) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:10,034 INFO L290 TraceCheckUtils]: 18: Hoare triple {18127#(and (<= (+ 265 (* 4 |ULTIMATE.start_create_item_~link_field~0#1|)) (+ (* ~unnamed2~0~ITEM_NEXT 4) (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|))) (<= ~unnamed2~0~ITEM_NEXT |ULTIMATE.start_create_item_~link_field~0#1|) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} assume !(4 + (create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1) <= #length[create_item_~item~0#1.base] && 0 <= create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1); {18121#false} is VALID [2022-02-20 23:45:10,034 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:10,034 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:10,034 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [435646010] [2022-02-20 23:45:10,034 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [435646010] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:10,035 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:10,035 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:45:10,035 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2137666858] [2022-02-20 23:45:10,035 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:10,035 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 5.666666666666667) internal successors, (17), 4 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 19 [2022-02-20 23:45:10,036 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:10,036 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 5.666666666666667) internal successors, (17), 4 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:10,050 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 19 edges. 19 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:10,050 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:45:10,050 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:10,051 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:45:10,051 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:10,052 INFO L87 Difference]: Start difference. First operand 315 states and 434 transitions. Second operand has 4 states, 3 states have (on average 5.666666666666667) internal successors, (17), 4 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:10,577 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:10,577 INFO L93 Difference]: Finished difference Result 532 states and 662 transitions. [2022-02-20 23:45:10,577 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:45:10,577 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 5.666666666666667) internal successors, (17), 4 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 19 [2022-02-20 23:45:10,578 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:10,578 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 5.666666666666667) internal successors, (17), 4 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:10,581 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 410 transitions. [2022-02-20 23:45:10,581 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 5.666666666666667) internal successors, (17), 4 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:10,583 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 410 transitions. [2022-02-20 23:45:10,583 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 410 transitions. [2022-02-20 23:45:10,925 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 410 edges. 410 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:10,937 INFO L225 Difference]: With dead ends: 532 [2022-02-20 23:45:10,938 INFO L226 Difference]: Without dead ends: 532 [2022-02-20 23:45:10,938 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:10,938 INFO L933 BasicCegarLoop]: 200 mSDtfsCounter, 420 mSDsluCounter, 186 mSDsCounter, 0 mSdLazyCounter, 122 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 424 SdHoareTripleChecker+Valid, 386 SdHoareTripleChecker+Invalid, 126 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:10,938 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [424 Valid, 386 Invalid, 126 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:10,939 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 532 states. [2022-02-20 23:45:10,944 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 532 to 318. [2022-02-20 23:45:10,944 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:10,945 INFO L82 GeneralOperation]: Start isEquivalent. First operand 532 states. Second operand has 318 states, 250 states have (on average 1.664) internal successors, (416), 303 states have internal predecessors, (416), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:10,945 INFO L74 IsIncluded]: Start isIncluded. First operand 532 states. Second operand has 318 states, 250 states have (on average 1.664) internal successors, (416), 303 states have internal predecessors, (416), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:10,946 INFO L87 Difference]: Start difference. First operand 532 states. Second operand has 318 states, 250 states have (on average 1.664) internal successors, (416), 303 states have internal predecessors, (416), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:10,961 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:10,962 INFO L93 Difference]: Finished difference Result 532 states and 662 transitions. [2022-02-20 23:45:10,962 INFO L276 IsEmpty]: Start isEmpty. Operand 532 states and 662 transitions. [2022-02-20 23:45:10,963 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:10,963 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:10,964 INFO L74 IsIncluded]: Start isIncluded. First operand has 318 states, 250 states have (on average 1.664) internal successors, (416), 303 states have internal predecessors, (416), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 532 states. [2022-02-20 23:45:10,964 INFO L87 Difference]: Start difference. First operand has 318 states, 250 states have (on average 1.664) internal successors, (416), 303 states have internal predecessors, (416), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 532 states. [2022-02-20 23:45:10,980 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:10,980 INFO L93 Difference]: Finished difference Result 532 states and 662 transitions. [2022-02-20 23:45:10,980 INFO L276 IsEmpty]: Start isEmpty. Operand 532 states and 662 transitions. [2022-02-20 23:45:10,982 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:10,982 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:10,982 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:10,983 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:10,983 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 318 states, 250 states have (on average 1.664) internal successors, (416), 303 states have internal predecessors, (416), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:10,989 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 318 states to 318 states and 436 transitions. [2022-02-20 23:45:10,990 INFO L78 Accepts]: Start accepts. Automaton has 318 states and 436 transitions. Word has length 19 [2022-02-20 23:45:10,990 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:10,990 INFO L470 AbstractCegarLoop]: Abstraction has 318 states and 436 transitions. [2022-02-20 23:45:10,990 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 5.666666666666667) internal successors, (17), 4 states have internal predecessors, (17), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:10,990 INFO L276 IsEmpty]: Start isEmpty. Operand 318 states and 436 transitions. [2022-02-20 23:45:10,991 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-02-20 23:45:10,991 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:10,991 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:10,991 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2022-02-20 23:45:10,991 INFO L402 AbstractCegarLoop]: === Iteration 15 === Targeting ULTIMATE.startErr5REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:10,992 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:10,992 INFO L85 PathProgramCache]: Analyzing trace with hash -1370774597, now seen corresponding path program 1 times [2022-02-20 23:45:10,992 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:10,992 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [560333775] [2022-02-20 23:45:10,992 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:10,992 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:11,015 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:11,063 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:11,065 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:11,068 INFO L290 TraceCheckUtils]: 0: Hoare triple {20044#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {20044#true} is VALID [2022-02-20 23:45:11,068 INFO L290 TraceCheckUtils]: 1: Hoare triple {20044#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {20044#true} is VALID [2022-02-20 23:45:11,068 INFO L290 TraceCheckUtils]: 2: Hoare triple {20044#true} assume true; {20044#true} is VALID [2022-02-20 23:45:11,068 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {20044#true} {20044#true} #259#return; {20044#true} is VALID [2022-02-20 23:45:11,069 INFO L290 TraceCheckUtils]: 0: Hoare triple {20044#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {20044#true} is VALID [2022-02-20 23:45:11,069 INFO L290 TraceCheckUtils]: 1: Hoare triple {20044#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {20044#true} is VALID [2022-02-20 23:45:11,072 INFO L290 TraceCheckUtils]: 2: Hoare triple {20044#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {20044#true} is VALID [2022-02-20 23:45:11,072 INFO L290 TraceCheckUtils]: 3: Hoare triple {20044#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {20044#true} is VALID [2022-02-20 23:45:11,072 INFO L290 TraceCheckUtils]: 4: Hoare triple {20044#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {20044#true} is VALID [2022-02-20 23:45:11,073 INFO L290 TraceCheckUtils]: 5: Hoare triple {20044#true} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {20044#true} is VALID [2022-02-20 23:45:11,073 INFO L272 TraceCheckUtils]: 6: Hoare triple {20044#true} call main_#t~ret23#1 := rand_end_point(); {20044#true} is VALID [2022-02-20 23:45:11,074 INFO L290 TraceCheckUtils]: 7: Hoare triple {20044#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {20044#true} is VALID [2022-02-20 23:45:11,074 INFO L290 TraceCheckUtils]: 8: Hoare triple {20044#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {20044#true} is VALID [2022-02-20 23:45:11,074 INFO L290 TraceCheckUtils]: 9: Hoare triple {20044#true} assume true; {20044#true} is VALID [2022-02-20 23:45:11,074 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {20044#true} {20044#true} #259#return; {20044#true} is VALID [2022-02-20 23:45:11,074 INFO L290 TraceCheckUtils]: 11: Hoare triple {20044#true} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {20044#true} is VALID [2022-02-20 23:45:11,074 INFO L290 TraceCheckUtils]: 12: Hoare triple {20044#true} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {20044#true} is VALID [2022-02-20 23:45:11,075 INFO L290 TraceCheckUtils]: 13: Hoare triple {20044#true} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {20050#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:11,076 INFO L290 TraceCheckUtils]: 14: Hoare triple {20050#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {20050#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:11,076 INFO L290 TraceCheckUtils]: 15: Hoare triple {20050#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {20050#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:11,077 INFO L290 TraceCheckUtils]: 16: Hoare triple {20050#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_NEXT;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_PREV; {20051#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_PREV) (<= ~unnamed2~0~ITEM_PREV |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:11,077 INFO L290 TraceCheckUtils]: 17: Hoare triple {20051#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_PREV) (<= ~unnamed2~0~ITEM_PREV |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} havoc create_item_#t~switch6#1; {20051#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_PREV) (<= ~unnamed2~0~ITEM_PREV |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:11,078 INFO L290 TraceCheckUtils]: 18: Hoare triple {20051#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_PREV) (<= ~unnamed2~0~ITEM_PREV |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} SUMMARY for call write~$Pointer$(create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1, 4); srcloc: L681 {20051#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_PREV) (<= ~unnamed2~0~ITEM_PREV |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:11,079 INFO L290 TraceCheckUtils]: 19: Hoare triple {20051#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_PREV) (<= ~unnamed2~0~ITEM_PREV |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} assume !(4 + (create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1) <= #length[create_item_~item~0#1.base] && 0 <= create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1); {20045#false} is VALID [2022-02-20 23:45:11,079 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:11,079 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:11,079 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [560333775] [2022-02-20 23:45:11,080 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [560333775] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:11,080 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:11,080 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:45:11,080 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [930812683] [2022-02-20 23:45:11,080 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:11,081 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-02-20 23:45:11,081 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:11,081 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:11,095 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:11,096 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:45:11,096 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:11,096 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:45:11,096 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:11,097 INFO L87 Difference]: Start difference. First operand 318 states and 436 transitions. Second operand has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:11,575 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:11,575 INFO L93 Difference]: Finished difference Result 531 states and 660 transitions. [2022-02-20 23:45:11,576 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:45:11,576 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-02-20 23:45:11,576 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:11,576 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:11,580 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 407 transitions. [2022-02-20 23:45:11,580 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:11,584 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 407 transitions. [2022-02-20 23:45:11,585 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 407 transitions. [2022-02-20 23:45:11,913 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 407 edges. 407 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:11,925 INFO L225 Difference]: With dead ends: 531 [2022-02-20 23:45:11,926 INFO L226 Difference]: Without dead ends: 531 [2022-02-20 23:45:11,926 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:11,927 INFO L933 BasicCegarLoop]: 200 mSDtfsCounter, 417 mSDsluCounter, 186 mSDsCounter, 0 mSdLazyCounter, 122 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 421 SdHoareTripleChecker+Valid, 386 SdHoareTripleChecker+Invalid, 124 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:11,927 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [421 Valid, 386 Invalid, 124 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:11,928 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 531 states. [2022-02-20 23:45:11,933 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 531 to 320. [2022-02-20 23:45:11,933 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:11,933 INFO L82 GeneralOperation]: Start isEquivalent. First operand 531 states. Second operand has 320 states, 252 states have (on average 1.6587301587301588) internal successors, (418), 305 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:11,934 INFO L74 IsIncluded]: Start isIncluded. First operand 531 states. Second operand has 320 states, 252 states have (on average 1.6587301587301588) internal successors, (418), 305 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:11,934 INFO L87 Difference]: Start difference. First operand 531 states. Second operand has 320 states, 252 states have (on average 1.6587301587301588) internal successors, (418), 305 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:11,953 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:11,954 INFO L93 Difference]: Finished difference Result 531 states and 660 transitions. [2022-02-20 23:45:11,954 INFO L276 IsEmpty]: Start isEmpty. Operand 531 states and 660 transitions. [2022-02-20 23:45:11,957 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:11,958 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:11,958 INFO L74 IsIncluded]: Start isIncluded. First operand has 320 states, 252 states have (on average 1.6587301587301588) internal successors, (418), 305 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 531 states. [2022-02-20 23:45:11,963 INFO L87 Difference]: Start difference. First operand has 320 states, 252 states have (on average 1.6587301587301588) internal successors, (418), 305 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand 531 states. [2022-02-20 23:45:11,976 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:11,976 INFO L93 Difference]: Finished difference Result 531 states and 660 transitions. [2022-02-20 23:45:11,976 INFO L276 IsEmpty]: Start isEmpty. Operand 531 states and 660 transitions. [2022-02-20 23:45:11,983 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:11,983 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:11,983 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:11,984 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:11,984 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 320 states, 252 states have (on average 1.6587301587301588) internal successors, (418), 305 states have internal predecessors, (418), 10 states have call successors, (10), 5 states have call predecessors, (10), 5 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-02-20 23:45:11,991 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 320 states to 320 states and 438 transitions. [2022-02-20 23:45:11,991 INFO L78 Accepts]: Start accepts. Automaton has 320 states and 438 transitions. Word has length 20 [2022-02-20 23:45:11,991 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:11,992 INFO L470 AbstractCegarLoop]: Abstraction has 320 states and 438 transitions. [2022-02-20 23:45:11,992 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:11,992 INFO L276 IsEmpty]: Start isEmpty. Operand 320 states and 438 transitions. [2022-02-20 23:45:11,992 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-02-20 23:45:11,992 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:11,992 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:11,992 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2022-02-20 23:45:11,992 INFO L402 AbstractCegarLoop]: === Iteration 16 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:11,993 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:11,993 INFO L85 PathProgramCache]: Analyzing trace with hash -1370718893, now seen corresponding path program 1 times [2022-02-20 23:45:11,993 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:11,993 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1535841064] [2022-02-20 23:45:11,993 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:11,993 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:12,014 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:12,070 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:12,072 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:12,081 INFO L290 TraceCheckUtils]: 0: Hoare triple {21967#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {21967#true} is VALID [2022-02-20 23:45:12,082 INFO L290 TraceCheckUtils]: 1: Hoare triple {21967#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {21977#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:12,082 INFO L290 TraceCheckUtils]: 2: Hoare triple {21977#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} assume true; {21977#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:12,083 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {21977#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} {21967#true} #259#return; {21973#(<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:12,083 INFO L290 TraceCheckUtils]: 0: Hoare triple {21967#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {21967#true} is VALID [2022-02-20 23:45:12,083 INFO L290 TraceCheckUtils]: 1: Hoare triple {21967#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {21967#true} is VALID [2022-02-20 23:45:12,083 INFO L290 TraceCheckUtils]: 2: Hoare triple {21967#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {21967#true} is VALID [2022-02-20 23:45:12,083 INFO L290 TraceCheckUtils]: 3: Hoare triple {21967#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {21967#true} is VALID [2022-02-20 23:45:12,083 INFO L290 TraceCheckUtils]: 4: Hoare triple {21967#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {21967#true} is VALID [2022-02-20 23:45:12,084 INFO L290 TraceCheckUtils]: 5: Hoare triple {21967#true} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {21967#true} is VALID [2022-02-20 23:45:12,084 INFO L272 TraceCheckUtils]: 6: Hoare triple {21967#true} call main_#t~ret23#1 := rand_end_point(); {21967#true} is VALID [2022-02-20 23:45:12,084 INFO L290 TraceCheckUtils]: 7: Hoare triple {21967#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {21967#true} is VALID [2022-02-20 23:45:12,084 INFO L290 TraceCheckUtils]: 8: Hoare triple {21967#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {21977#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:12,085 INFO L290 TraceCheckUtils]: 9: Hoare triple {21977#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} assume true; {21977#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:12,085 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {21977#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} {21967#true} #259#return; {21973#(<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:12,086 INFO L290 TraceCheckUtils]: 11: Hoare triple {21973#(<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_BEG)} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {21974#(not (= ~unnamed1~0~LIST_END |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:12,086 INFO L290 TraceCheckUtils]: 12: Hoare triple {21974#(not (= ~unnamed1~0~LIST_END |ULTIMATE.start_append_one_~to#1|))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {21974#(not (= ~unnamed1~0~LIST_END |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:12,087 INFO L290 TraceCheckUtils]: 13: Hoare triple {21974#(not (= ~unnamed1~0~LIST_END |ULTIMATE.start_append_one_~to#1|))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {21975#(not (= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|))} is VALID [2022-02-20 23:45:12,087 INFO L290 TraceCheckUtils]: 14: Hoare triple {21975#(not (= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {21975#(not (= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|))} is VALID [2022-02-20 23:45:12,092 INFO L290 TraceCheckUtils]: 15: Hoare triple {21975#(not (= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {21975#(not (= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|))} is VALID [2022-02-20 23:45:12,093 INFO L290 TraceCheckUtils]: 16: Hoare triple {21975#(not (= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|))} assume !create_item_#t~switch6#1;create_item_#t~switch6#1 := create_item_#t~switch6#1 || create_item_~at#1 == ~unnamed1~0~LIST_END; {21976#(not |ULTIMATE.start_create_item_#t~switch6#1|)} is VALID [2022-02-20 23:45:12,094 INFO L290 TraceCheckUtils]: 17: Hoare triple {21976#(not |ULTIMATE.start_create_item_#t~switch6#1|)} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_PREV;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_NEXT; {21968#false} is VALID [2022-02-20 23:45:12,095 INFO L290 TraceCheckUtils]: 18: Hoare triple {21968#false} havoc create_item_#t~switch6#1; {21968#false} is VALID [2022-02-20 23:45:12,098 INFO L290 TraceCheckUtils]: 19: Hoare triple {21968#false} assume !(4 + (create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1) <= #length[create_item_~item~0#1.base] && 0 <= create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1); {21968#false} is VALID [2022-02-20 23:45:12,099 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:12,099 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:12,099 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1535841064] [2022-02-20 23:45:12,101 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1535841064] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:12,101 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:12,101 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 23:45:12,101 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [879034407] [2022-02-20 23:45:12,101 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:12,102 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-02-20 23:45:12,102 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:12,102 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:12,116 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:12,116 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:45:12,116 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:12,117 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:45:12,117 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:45:12,117 INFO L87 Difference]: Start difference. First operand 320 states and 438 transitions. Second operand has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:12,734 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:12,734 INFO L93 Difference]: Finished difference Result 540 states and 713 transitions. [2022-02-20 23:45:12,734 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:45:12,734 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-02-20 23:45:12,734 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:12,734 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:12,737 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 325 transitions. [2022-02-20 23:45:12,737 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:12,739 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 325 transitions. [2022-02-20 23:45:12,739 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 325 transitions. [2022-02-20 23:45:12,957 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 325 edges. 325 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:12,968 INFO L225 Difference]: With dead ends: 540 [2022-02-20 23:45:12,968 INFO L226 Difference]: Without dead ends: 540 [2022-02-20 23:45:12,968 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:45:12,969 INFO L933 BasicCegarLoop]: 232 mSDtfsCounter, 336 mSDsluCounter, 1007 mSDsCounter, 0 mSdLazyCounter, 60 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 336 SdHoareTripleChecker+Valid, 1239 SdHoareTripleChecker+Invalid, 70 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 60 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:12,972 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [336 Valid, 1239 Invalid, 70 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 60 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:45:12,973 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 540 states. [2022-02-20 23:45:12,979 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 540 to 348. [2022-02-20 23:45:12,979 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:12,980 INFO L82 GeneralOperation]: Start isEquivalent. First operand 540 states. Second operand has 348 states, 275 states have (on average 1.6254545454545455) internal successors, (447), 329 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:12,980 INFO L74 IsIncluded]: Start isIncluded. First operand 540 states. Second operand has 348 states, 275 states have (on average 1.6254545454545455) internal successors, (447), 329 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:12,981 INFO L87 Difference]: Start difference. First operand 540 states. Second operand has 348 states, 275 states have (on average 1.6254545454545455) internal successors, (447), 329 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:12,996 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:12,996 INFO L93 Difference]: Finished difference Result 540 states and 713 transitions. [2022-02-20 23:45:12,996 INFO L276 IsEmpty]: Start isEmpty. Operand 540 states and 713 transitions. [2022-02-20 23:45:12,997 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:12,998 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:12,998 INFO L74 IsIncluded]: Start isIncluded. First operand has 348 states, 275 states have (on average 1.6254545454545455) internal successors, (447), 329 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 540 states. [2022-02-20 23:45:12,999 INFO L87 Difference]: Start difference. First operand has 348 states, 275 states have (on average 1.6254545454545455) internal successors, (447), 329 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 540 states. [2022-02-20 23:45:13,015 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:13,015 INFO L93 Difference]: Finished difference Result 540 states and 713 transitions. [2022-02-20 23:45:13,015 INFO L276 IsEmpty]: Start isEmpty. Operand 540 states and 713 transitions. [2022-02-20 23:45:13,016 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:13,016 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:13,016 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:13,016 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:13,017 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 348 states, 275 states have (on average 1.6254545454545455) internal successors, (447), 329 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:13,024 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 348 states to 348 states and 477 transitions. [2022-02-20 23:45:13,025 INFO L78 Accepts]: Start accepts. Automaton has 348 states and 477 transitions. Word has length 20 [2022-02-20 23:45:13,025 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:13,025 INFO L470 AbstractCegarLoop]: Abstraction has 348 states and 477 transitions. [2022-02-20 23:45:13,025 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:13,025 INFO L276 IsEmpty]: Start isEmpty. Operand 348 states and 477 transitions. [2022-02-20 23:45:13,026 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-02-20 23:45:13,026 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:13,026 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:13,026 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2022-02-20 23:45:13,026 INFO L402 AbstractCegarLoop]: === Iteration 17 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:13,027 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:13,027 INFO L85 PathProgramCache]: Analyzing trace with hash -1370716971, now seen corresponding path program 1 times [2022-02-20 23:45:13,027 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:13,027 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [536928582] [2022-02-20 23:45:13,027 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:13,027 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:13,057 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:13,135 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:13,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:13,158 INFO L290 TraceCheckUtils]: 0: Hoare triple {23957#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {23957#true} is VALID [2022-02-20 23:45:13,163 INFO L290 TraceCheckUtils]: 1: Hoare triple {23957#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {23967#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:13,164 INFO L290 TraceCheckUtils]: 2: Hoare triple {23967#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} assume true; {23967#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:13,164 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {23967#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} {23957#true} #259#return; {23963#(and (<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_main_#t~ret23#1|))} is VALID [2022-02-20 23:45:13,165 INFO L290 TraceCheckUtils]: 0: Hoare triple {23957#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {23957#true} is VALID [2022-02-20 23:45:13,166 INFO L290 TraceCheckUtils]: 1: Hoare triple {23957#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {23957#true} is VALID [2022-02-20 23:45:13,166 INFO L290 TraceCheckUtils]: 2: Hoare triple {23957#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {23957#true} is VALID [2022-02-20 23:45:13,166 INFO L290 TraceCheckUtils]: 3: Hoare triple {23957#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {23957#true} is VALID [2022-02-20 23:45:13,166 INFO L290 TraceCheckUtils]: 4: Hoare triple {23957#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {23957#true} is VALID [2022-02-20 23:45:13,166 INFO L290 TraceCheckUtils]: 5: Hoare triple {23957#true} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {23957#true} is VALID [2022-02-20 23:45:13,167 INFO L272 TraceCheckUtils]: 6: Hoare triple {23957#true} call main_#t~ret23#1 := rand_end_point(); {23957#true} is VALID [2022-02-20 23:45:13,167 INFO L290 TraceCheckUtils]: 7: Hoare triple {23957#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {23957#true} is VALID [2022-02-20 23:45:13,167 INFO L290 TraceCheckUtils]: 8: Hoare triple {23957#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {23967#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:13,168 INFO L290 TraceCheckUtils]: 9: Hoare triple {23967#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} assume true; {23967#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:13,171 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {23967#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} {23957#true} #259#return; {23963#(and (<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_main_#t~ret23#1|))} is VALID [2022-02-20 23:45:13,172 INFO L290 TraceCheckUtils]: 11: Hoare triple {23963#(and (<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_main_#t~ret23#1|))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {23964#(and (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (< 0 (+ 1 |ULTIMATE.start_append_one_~to#1|)))} is VALID [2022-02-20 23:45:13,172 INFO L290 TraceCheckUtils]: 12: Hoare triple {23964#(and (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (< 0 (+ 1 |ULTIMATE.start_append_one_~to#1|)))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {23964#(and (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (< 0 (+ 1 |ULTIMATE.start_append_one_~to#1|)))} is VALID [2022-02-20 23:45:13,173 INFO L290 TraceCheckUtils]: 13: Hoare triple {23964#(and (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (< 0 (+ 1 |ULTIMATE.start_append_one_~to#1|)))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {23965#(= ~unnamed1~0~LIST_BEG |ULTIMATE.start_create_item_~at#1|)} is VALID [2022-02-20 23:45:13,173 INFO L290 TraceCheckUtils]: 14: Hoare triple {23965#(= ~unnamed1~0~LIST_BEG |ULTIMATE.start_create_item_~at#1|)} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {23965#(= ~unnamed1~0~LIST_BEG |ULTIMATE.start_create_item_~at#1|)} is VALID [2022-02-20 23:45:13,174 INFO L290 TraceCheckUtils]: 15: Hoare triple {23965#(= ~unnamed1~0~LIST_BEG |ULTIMATE.start_create_item_~at#1|)} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {23966#|ULTIMATE.start_create_item_#t~switch6#1|} is VALID [2022-02-20 23:45:13,174 INFO L290 TraceCheckUtils]: 16: Hoare triple {23966#|ULTIMATE.start_create_item_#t~switch6#1|} assume !create_item_#t~switch6#1;create_item_#t~switch6#1 := create_item_#t~switch6#1 || create_item_~at#1 == ~unnamed1~0~LIST_END; {23958#false} is VALID [2022-02-20 23:45:13,174 INFO L290 TraceCheckUtils]: 17: Hoare triple {23958#false} assume !create_item_#t~switch6#1; {23958#false} is VALID [2022-02-20 23:45:13,175 INFO L290 TraceCheckUtils]: 18: Hoare triple {23958#false} havoc create_item_#t~switch6#1; {23958#false} is VALID [2022-02-20 23:45:13,175 INFO L290 TraceCheckUtils]: 19: Hoare triple {23958#false} assume !(4 + (create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1) <= #length[create_item_~item~0#1.base] && 0 <= create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1); {23958#false} is VALID [2022-02-20 23:45:13,175 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:13,175 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:13,175 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [536928582] [2022-02-20 23:45:13,175 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [536928582] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:13,176 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:13,176 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 23:45:13,176 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1827533192] [2022-02-20 23:45:13,176 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:13,176 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-02-20 23:45:13,177 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:13,177 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:13,190 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:13,191 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:45:13,191 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:13,191 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:45:13,191 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:45:13,192 INFO L87 Difference]: Start difference. First operand 348 states and 477 transitions. Second operand has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:13,994 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:13,995 INFO L93 Difference]: Finished difference Result 530 states and 699 transitions. [2022-02-20 23:45:13,995 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:45:13,995 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-02-20 23:45:13,995 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:13,995 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:13,997 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 320 transitions. [2022-02-20 23:45:13,998 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:14,000 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 320 transitions. [2022-02-20 23:45:14,000 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 320 transitions. [2022-02-20 23:45:14,260 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 320 edges. 320 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:14,274 INFO L225 Difference]: With dead ends: 530 [2022-02-20 23:45:14,274 INFO L226 Difference]: Without dead ends: 530 [2022-02-20 23:45:14,274 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:45:14,275 INFO L933 BasicCegarLoop]: 232 mSDtfsCounter, 325 mSDsluCounter, 1004 mSDsCounter, 0 mSdLazyCounter, 56 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 325 SdHoareTripleChecker+Valid, 1236 SdHoareTripleChecker+Invalid, 67 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 56 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:14,275 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [325 Valid, 1236 Invalid, 67 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 56 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:14,276 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 530 states. [2022-02-20 23:45:14,281 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 530 to 346. [2022-02-20 23:45:14,282 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:14,282 INFO L82 GeneralOperation]: Start isEquivalent. First operand 530 states. Second operand has 346 states, 273 states have (on average 1.6227106227106227) internal successors, (443), 327 states have internal predecessors, (443), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:14,283 INFO L74 IsIncluded]: Start isIncluded. First operand 530 states. Second operand has 346 states, 273 states have (on average 1.6227106227106227) internal successors, (443), 327 states have internal predecessors, (443), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:14,283 INFO L87 Difference]: Start difference. First operand 530 states. Second operand has 346 states, 273 states have (on average 1.6227106227106227) internal successors, (443), 327 states have internal predecessors, (443), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:14,298 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:14,298 INFO L93 Difference]: Finished difference Result 530 states and 699 transitions. [2022-02-20 23:45:14,298 INFO L276 IsEmpty]: Start isEmpty. Operand 530 states and 699 transitions. [2022-02-20 23:45:14,299 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:14,299 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:14,300 INFO L74 IsIncluded]: Start isIncluded. First operand has 346 states, 273 states have (on average 1.6227106227106227) internal successors, (443), 327 states have internal predecessors, (443), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 530 states. [2022-02-20 23:45:14,300 INFO L87 Difference]: Start difference. First operand has 346 states, 273 states have (on average 1.6227106227106227) internal successors, (443), 327 states have internal predecessors, (443), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 530 states. [2022-02-20 23:45:14,315 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:14,316 INFO L93 Difference]: Finished difference Result 530 states and 699 transitions. [2022-02-20 23:45:14,316 INFO L276 IsEmpty]: Start isEmpty. Operand 530 states and 699 transitions. [2022-02-20 23:45:14,317 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:14,317 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:14,317 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:14,317 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:14,318 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 346 states, 273 states have (on average 1.6227106227106227) internal successors, (443), 327 states have internal predecessors, (443), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:14,324 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 346 states to 346 states and 473 transitions. [2022-02-20 23:45:14,325 INFO L78 Accepts]: Start accepts. Automaton has 346 states and 473 transitions. Word has length 20 [2022-02-20 23:45:14,325 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:14,325 INFO L470 AbstractCegarLoop]: Abstraction has 346 states and 473 transitions. [2022-02-20 23:45:14,325 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:14,325 INFO L276 IsEmpty]: Start isEmpty. Operand 346 states and 473 transitions. [2022-02-20 23:45:14,326 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-02-20 23:45:14,326 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:14,326 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:14,326 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2022-02-20 23:45:14,326 INFO L402 AbstractCegarLoop]: === Iteration 18 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:14,327 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:14,327 INFO L85 PathProgramCache]: Analyzing trace with hash -1241636174, now seen corresponding path program 1 times [2022-02-20 23:45:14,327 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:14,327 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [680381696] [2022-02-20 23:45:14,327 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:14,327 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:14,339 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:14,374 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:14,376 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:14,378 INFO L290 TraceCheckUtils]: 0: Hoare triple {25915#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {25915#true} is VALID [2022-02-20 23:45:14,378 INFO L290 TraceCheckUtils]: 1: Hoare triple {25915#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {25915#true} is VALID [2022-02-20 23:45:14,378 INFO L290 TraceCheckUtils]: 2: Hoare triple {25915#true} assume true; {25915#true} is VALID [2022-02-20 23:45:14,379 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {25915#true} {25915#true} #259#return; {25915#true} is VALID [2022-02-20 23:45:14,379 INFO L290 TraceCheckUtils]: 0: Hoare triple {25915#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {25915#true} is VALID [2022-02-20 23:45:14,379 INFO L290 TraceCheckUtils]: 1: Hoare triple {25915#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {25915#true} is VALID [2022-02-20 23:45:14,379 INFO L290 TraceCheckUtils]: 2: Hoare triple {25915#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {25915#true} is VALID [2022-02-20 23:45:14,379 INFO L290 TraceCheckUtils]: 3: Hoare triple {25915#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {25915#true} is VALID [2022-02-20 23:45:14,379 INFO L290 TraceCheckUtils]: 4: Hoare triple {25915#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {25915#true} is VALID [2022-02-20 23:45:14,379 INFO L290 TraceCheckUtils]: 5: Hoare triple {25915#true} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {25915#true} is VALID [2022-02-20 23:45:14,380 INFO L272 TraceCheckUtils]: 6: Hoare triple {25915#true} call main_#t~ret23#1 := rand_end_point(); {25915#true} is VALID [2022-02-20 23:45:14,380 INFO L290 TraceCheckUtils]: 7: Hoare triple {25915#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {25915#true} is VALID [2022-02-20 23:45:14,380 INFO L290 TraceCheckUtils]: 8: Hoare triple {25915#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {25915#true} is VALID [2022-02-20 23:45:14,380 INFO L290 TraceCheckUtils]: 9: Hoare triple {25915#true} assume true; {25915#true} is VALID [2022-02-20 23:45:14,380 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {25915#true} {25915#true} #259#return; {25915#true} is VALID [2022-02-20 23:45:14,380 INFO L290 TraceCheckUtils]: 11: Hoare triple {25915#true} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {25915#true} is VALID [2022-02-20 23:45:14,380 INFO L290 TraceCheckUtils]: 12: Hoare triple {25915#true} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {25915#true} is VALID [2022-02-20 23:45:14,381 INFO L290 TraceCheckUtils]: 13: Hoare triple {25915#true} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {25921#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:14,382 INFO L290 TraceCheckUtils]: 14: Hoare triple {25921#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {25921#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:14,382 INFO L290 TraceCheckUtils]: 15: Hoare triple {25921#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {25921#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:14,383 INFO L290 TraceCheckUtils]: 16: Hoare triple {25921#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} assume !create_item_#t~switch6#1;create_item_#t~switch6#1 := create_item_#t~switch6#1 || create_item_~at#1 == ~unnamed1~0~LIST_END; {25921#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:14,383 INFO L290 TraceCheckUtils]: 17: Hoare triple {25921#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_PREV;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_NEXT; {25922#(and (<= ~unnamed2~0~ITEM_PREV |ULTIMATE.start_create_item_~link_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0) (<= |ULTIMATE.start_create_item_~link_field~0#1| ~unnamed2~0~ITEM_PREV))} is VALID [2022-02-20 23:45:14,384 INFO L290 TraceCheckUtils]: 18: Hoare triple {25922#(and (<= ~unnamed2~0~ITEM_PREV |ULTIMATE.start_create_item_~link_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0) (<= |ULTIMATE.start_create_item_~link_field~0#1| ~unnamed2~0~ITEM_PREV))} havoc create_item_#t~switch6#1; {25922#(and (<= ~unnamed2~0~ITEM_PREV |ULTIMATE.start_create_item_~link_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0) (<= |ULTIMATE.start_create_item_~link_field~0#1| ~unnamed2~0~ITEM_PREV))} is VALID [2022-02-20 23:45:14,384 INFO L290 TraceCheckUtils]: 19: Hoare triple {25922#(and (<= ~unnamed2~0~ITEM_PREV |ULTIMATE.start_create_item_~link_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0) (<= |ULTIMATE.start_create_item_~link_field~0#1| ~unnamed2~0~ITEM_PREV))} assume !(4 + (create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1) <= #length[create_item_~item~0#1.base] && 0 <= create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1); {25916#false} is VALID [2022-02-20 23:45:14,385 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:14,385 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:14,385 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [680381696] [2022-02-20 23:45:14,385 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [680381696] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:14,385 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:14,385 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:45:14,385 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [484755403] [2022-02-20 23:45:14,386 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:14,386 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-02-20 23:45:14,386 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:14,386 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:14,400 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:14,400 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:45:14,401 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:14,401 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:45:14,401 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:14,401 INFO L87 Difference]: Start difference. First operand 346 states and 473 transitions. Second operand has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:14,929 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:14,929 INFO L93 Difference]: Finished difference Result 572 states and 718 transitions. [2022-02-20 23:45:14,929 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:45:14,930 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-02-20 23:45:14,930 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:14,930 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:14,932 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 408 transitions. [2022-02-20 23:45:14,933 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:14,935 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 408 transitions. [2022-02-20 23:45:14,935 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 408 transitions. [2022-02-20 23:45:15,271 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 408 edges. 408 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:15,286 INFO L225 Difference]: With dead ends: 572 [2022-02-20 23:45:15,286 INFO L226 Difference]: Without dead ends: 572 [2022-02-20 23:45:15,286 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:15,287 INFO L933 BasicCegarLoop]: 297 mSDtfsCounter, 282 mSDsluCounter, 186 mSDsCounter, 0 mSdLazyCounter, 168 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 286 SdHoareTripleChecker+Valid, 483 SdHoareTripleChecker+Invalid, 170 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 168 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:15,291 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [286 Valid, 483 Invalid, 170 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 168 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:15,292 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 572 states. [2022-02-20 23:45:15,299 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 572 to 350. [2022-02-20 23:45:15,300 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:15,300 INFO L82 GeneralOperation]: Start isEquivalent. First operand 572 states. Second operand has 350 states, 277 states have (on average 1.6137184115523466) internal successors, (447), 331 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:15,301 INFO L74 IsIncluded]: Start isIncluded. First operand 572 states. Second operand has 350 states, 277 states have (on average 1.6137184115523466) internal successors, (447), 331 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:15,301 INFO L87 Difference]: Start difference. First operand 572 states. Second operand has 350 states, 277 states have (on average 1.6137184115523466) internal successors, (447), 331 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:15,317 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:15,317 INFO L93 Difference]: Finished difference Result 572 states and 718 transitions. [2022-02-20 23:45:15,317 INFO L276 IsEmpty]: Start isEmpty. Operand 572 states and 718 transitions. [2022-02-20 23:45:15,318 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:15,318 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:15,319 INFO L74 IsIncluded]: Start isIncluded. First operand has 350 states, 277 states have (on average 1.6137184115523466) internal successors, (447), 331 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 572 states. [2022-02-20 23:45:15,319 INFO L87 Difference]: Start difference. First operand has 350 states, 277 states have (on average 1.6137184115523466) internal successors, (447), 331 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 572 states. [2022-02-20 23:45:15,336 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:15,336 INFO L93 Difference]: Finished difference Result 572 states and 718 transitions. [2022-02-20 23:45:15,336 INFO L276 IsEmpty]: Start isEmpty. Operand 572 states and 718 transitions. [2022-02-20 23:45:15,337 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:15,337 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:15,337 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:15,338 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:15,338 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 350 states, 277 states have (on average 1.6137184115523466) internal successors, (447), 331 states have internal predecessors, (447), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:15,344 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 350 states to 350 states and 477 transitions. [2022-02-20 23:45:15,345 INFO L78 Accepts]: Start accepts. Automaton has 350 states and 477 transitions. Word has length 20 [2022-02-20 23:45:15,345 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:15,345 INFO L470 AbstractCegarLoop]: Abstraction has 350 states and 477 transitions. [2022-02-20 23:45:15,345 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 6.0) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:15,345 INFO L276 IsEmpty]: Start isEmpty. Operand 350 states and 477 transitions. [2022-02-20 23:45:15,347 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-02-20 23:45:15,347 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:15,347 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:15,347 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2022-02-20 23:45:15,348 INFO L402 AbstractCegarLoop]: === Iteration 19 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:15,348 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:15,348 INFO L85 PathProgramCache]: Analyzing trace with hash -1241634252, now seen corresponding path program 1 times [2022-02-20 23:45:15,348 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:15,348 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1624507202] [2022-02-20 23:45:15,349 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:15,349 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:15,364 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:15,436 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:15,438 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:15,453 INFO L290 TraceCheckUtils]: 0: Hoare triple {27991#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {27991#true} is VALID [2022-02-20 23:45:15,454 INFO L290 TraceCheckUtils]: 1: Hoare triple {27991#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {28001#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:15,454 INFO L290 TraceCheckUtils]: 2: Hoare triple {28001#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} assume true; {28001#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:15,455 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {28001#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} {27991#true} #259#return; {27997#(and (<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_main_#t~ret23#1|))} is VALID [2022-02-20 23:45:15,455 INFO L290 TraceCheckUtils]: 0: Hoare triple {27991#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {27991#true} is VALID [2022-02-20 23:45:15,456 INFO L290 TraceCheckUtils]: 1: Hoare triple {27991#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {27991#true} is VALID [2022-02-20 23:45:15,456 INFO L290 TraceCheckUtils]: 2: Hoare triple {27991#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {27991#true} is VALID [2022-02-20 23:45:15,456 INFO L290 TraceCheckUtils]: 3: Hoare triple {27991#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {27991#true} is VALID [2022-02-20 23:45:15,456 INFO L290 TraceCheckUtils]: 4: Hoare triple {27991#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {27991#true} is VALID [2022-02-20 23:45:15,456 INFO L290 TraceCheckUtils]: 5: Hoare triple {27991#true} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {27991#true} is VALID [2022-02-20 23:45:15,456 INFO L272 TraceCheckUtils]: 6: Hoare triple {27991#true} call main_#t~ret23#1 := rand_end_point(); {27991#true} is VALID [2022-02-20 23:45:15,457 INFO L290 TraceCheckUtils]: 7: Hoare triple {27991#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {27991#true} is VALID [2022-02-20 23:45:15,457 INFO L290 TraceCheckUtils]: 8: Hoare triple {27991#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {28001#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:15,457 INFO L290 TraceCheckUtils]: 9: Hoare triple {28001#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} assume true; {28001#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:15,458 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {28001#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} {27991#true} #259#return; {27997#(and (<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_main_#t~ret23#1|))} is VALID [2022-02-20 23:45:15,458 INFO L290 TraceCheckUtils]: 11: Hoare triple {27997#(and (<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_main_#t~ret23#1|))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {27998#(and (<= ~unnamed1~0~LIST_END |ULTIMATE.start_append_one_~to#1|) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:15,459 INFO L290 TraceCheckUtils]: 12: Hoare triple {27998#(and (<= ~unnamed1~0~LIST_END |ULTIMATE.start_append_one_~to#1|) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_END))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {27998#(and (<= ~unnamed1~0~LIST_END |ULTIMATE.start_append_one_~to#1|) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:15,460 INFO L290 TraceCheckUtils]: 13: Hoare triple {27998#(and (<= ~unnamed1~0~LIST_END |ULTIMATE.start_append_one_~to#1|) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_END))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {27999#(= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|)} is VALID [2022-02-20 23:45:15,460 INFO L290 TraceCheckUtils]: 14: Hoare triple {27999#(= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|)} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {27999#(= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|)} is VALID [2022-02-20 23:45:15,460 INFO L290 TraceCheckUtils]: 15: Hoare triple {27999#(= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|)} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {27999#(= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|)} is VALID [2022-02-20 23:45:15,461 INFO L290 TraceCheckUtils]: 16: Hoare triple {27999#(= ~unnamed1~0~LIST_END |ULTIMATE.start_create_item_~at#1|)} assume !create_item_#t~switch6#1;create_item_#t~switch6#1 := create_item_#t~switch6#1 || create_item_~at#1 == ~unnamed1~0~LIST_END; {28000#|ULTIMATE.start_create_item_#t~switch6#1|} is VALID [2022-02-20 23:45:15,461 INFO L290 TraceCheckUtils]: 17: Hoare triple {28000#|ULTIMATE.start_create_item_#t~switch6#1|} assume !create_item_#t~switch6#1; {27992#false} is VALID [2022-02-20 23:45:15,461 INFO L290 TraceCheckUtils]: 18: Hoare triple {27992#false} havoc create_item_#t~switch6#1; {27992#false} is VALID [2022-02-20 23:45:15,461 INFO L290 TraceCheckUtils]: 19: Hoare triple {27992#false} assume !(4 + (create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1) <= #length[create_item_~item~0#1.base] && 0 <= create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1); {27992#false} is VALID [2022-02-20 23:45:15,462 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:15,462 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:15,462 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1624507202] [2022-02-20 23:45:15,462 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1624507202] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:15,462 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:15,462 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-02-20 23:45:15,463 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [632688994] [2022-02-20 23:45:15,463 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:15,465 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-02-20 23:45:15,465 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:15,465 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:15,478 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 20 edges. 20 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:15,479 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:45:15,479 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:15,479 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:45:15,479 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:45:15,480 INFO L87 Difference]: Start difference. First operand 350 states and 477 transitions. Second operand has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:16,238 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:16,239 INFO L93 Difference]: Finished difference Result 527 states and 693 transitions. [2022-02-20 23:45:16,239 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:45:16,239 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-02-20 23:45:16,239 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:16,239 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:16,241 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 317 transitions. [2022-02-20 23:45:16,242 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:16,243 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 317 transitions. [2022-02-20 23:45:16,244 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 317 transitions. [2022-02-20 23:45:16,445 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 317 edges. 317 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:16,455 INFO L225 Difference]: With dead ends: 527 [2022-02-20 23:45:16,455 INFO L226 Difference]: Without dead ends: 527 [2022-02-20 23:45:16,455 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:45:16,455 INFO L933 BasicCegarLoop]: 303 mSDtfsCounter, 328 mSDsluCounter, 1166 mSDsCounter, 0 mSdLazyCounter, 64 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 328 SdHoareTripleChecker+Valid, 1469 SdHoareTripleChecker+Invalid, 69 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 64 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:16,456 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [328 Valid, 1469 Invalid, 69 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 64 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:45:16,456 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 527 states. [2022-02-20 23:45:16,462 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 527 to 345. [2022-02-20 23:45:16,462 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:16,463 INFO L82 GeneralOperation]: Start isEquivalent. First operand 527 states. Second operand has 345 states, 273 states have (on average 1.6080586080586081) internal successors, (439), 326 states have internal predecessors, (439), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:16,463 INFO L74 IsIncluded]: Start isIncluded. First operand 527 states. Second operand has 345 states, 273 states have (on average 1.6080586080586081) internal successors, (439), 326 states have internal predecessors, (439), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:16,464 INFO L87 Difference]: Start difference. First operand 527 states. Second operand has 345 states, 273 states have (on average 1.6080586080586081) internal successors, (439), 326 states have internal predecessors, (439), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:16,477 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:16,477 INFO L93 Difference]: Finished difference Result 527 states and 693 transitions. [2022-02-20 23:45:16,477 INFO L276 IsEmpty]: Start isEmpty. Operand 527 states and 693 transitions. [2022-02-20 23:45:16,478 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:16,478 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:16,479 INFO L74 IsIncluded]: Start isIncluded. First operand has 345 states, 273 states have (on average 1.6080586080586081) internal successors, (439), 326 states have internal predecessors, (439), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 527 states. [2022-02-20 23:45:16,479 INFO L87 Difference]: Start difference. First operand has 345 states, 273 states have (on average 1.6080586080586081) internal successors, (439), 326 states have internal predecessors, (439), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 527 states. [2022-02-20 23:45:16,493 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:16,493 INFO L93 Difference]: Finished difference Result 527 states and 693 transitions. [2022-02-20 23:45:16,493 INFO L276 IsEmpty]: Start isEmpty. Operand 527 states and 693 transitions. [2022-02-20 23:45:16,494 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:16,494 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:16,495 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:16,495 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:16,495 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 345 states, 273 states have (on average 1.6080586080586081) internal successors, (439), 326 states have internal predecessors, (439), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:16,502 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 345 states to 345 states and 469 transitions. [2022-02-20 23:45:16,502 INFO L78 Accepts]: Start accepts. Automaton has 345 states and 469 transitions. Word has length 20 [2022-02-20 23:45:16,502 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:16,502 INFO L470 AbstractCegarLoop]: Abstraction has 345 states and 469 transitions. [2022-02-20 23:45:16,502 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:16,502 INFO L276 IsEmpty]: Start isEmpty. Operand 345 states and 469 transitions. [2022-02-20 23:45:16,503 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-02-20 23:45:16,503 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:16,503 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:16,503 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2022-02-20 23:45:16,503 INFO L402 AbstractCegarLoop]: === Iteration 20 === Targeting ULTIMATE.startErr25ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:16,504 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:16,504 INFO L85 PathProgramCache]: Analyzing trace with hash 712638781, now seen corresponding path program 1 times [2022-02-20 23:45:16,504 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:16,504 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [474269161] [2022-02-20 23:45:16,504 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:16,504 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:16,523 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:16,777 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:16,779 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:16,781 INFO L290 TraceCheckUtils]: 0: Hoare triple {29939#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {29939#true} is VALID [2022-02-20 23:45:16,781 INFO L290 TraceCheckUtils]: 1: Hoare triple {29939#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {29939#true} is VALID [2022-02-20 23:45:16,781 INFO L290 TraceCheckUtils]: 2: Hoare triple {29939#true} assume true; {29939#true} is VALID [2022-02-20 23:45:16,782 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {29939#true} {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} #261#return; {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:16,783 INFO L290 TraceCheckUtils]: 0: Hoare triple {29939#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:16,784 INFO L290 TraceCheckUtils]: 1: Hoare triple {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:16,784 INFO L290 TraceCheckUtils]: 2: Hoare triple {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:16,785 INFO L290 TraceCheckUtils]: 3: Hoare triple {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:16,785 INFO L290 TraceCheckUtils]: 4: Hoare triple {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:16,786 INFO L290 TraceCheckUtils]: 5: Hoare triple {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:16,786 INFO L290 TraceCheckUtils]: 6: Hoare triple {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:16,787 INFO L290 TraceCheckUtils]: 7: Hoare triple {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:16,787 INFO L272 TraceCheckUtils]: 8: Hoare triple {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} call main_#t~ret25#1 := rand_end_point(); {29939#true} is VALID [2022-02-20 23:45:16,787 INFO L290 TraceCheckUtils]: 9: Hoare triple {29939#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {29939#true} is VALID [2022-02-20 23:45:16,787 INFO L290 TraceCheckUtils]: 10: Hoare triple {29939#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {29939#true} is VALID [2022-02-20 23:45:16,787 INFO L290 TraceCheckUtils]: 11: Hoare triple {29939#true} assume true; {29939#true} is VALID [2022-02-20 23:45:16,788 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {29939#true} {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} #261#return; {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:16,789 INFO L290 TraceCheckUtils]: 13: Hoare triple {29941#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= 0 |~#list~0.offset|) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {29946#(or (and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_is_empty_~list#1.base|) (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_is_empty_~list#1.base|) (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0)) (not (= |ULTIMATE.start_is_empty_~list#1.offset| 0)))} is VALID [2022-02-20 23:45:16,790 INFO L290 TraceCheckUtils]: 14: Hoare triple {29946#(or (and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_is_empty_~list#1.base|) (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_is_empty_~list#1.base|) (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0)) (not (= |ULTIMATE.start_is_empty_~list#1.offset| 0)))} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {29947#(or (and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= |ULTIMATE.start_is_empty_#t~mem3#1.base| 0) (= 0 |ULTIMATE.start_is_empty_#t~mem3#1.offset|)) (not (= |ULTIMATE.start_is_empty_~list#1.offset| 0)))} is VALID [2022-02-20 23:45:16,796 INFO L290 TraceCheckUtils]: 15: Hoare triple {29947#(or (and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= |ULTIMATE.start_is_empty_#t~mem3#1.base| 0) (= 0 |ULTIMATE.start_is_empty_#t~mem3#1.offset|)) (not (= |ULTIMATE.start_is_empty_~list#1.offset| 0)))} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {29948#(or (and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= |ULTIMATE.start_is_empty_~no_beg~0#1| 1)) (not (= |ULTIMATE.start_is_empty_~list#1.offset| 0)))} is VALID [2022-02-20 23:45:16,797 INFO L290 TraceCheckUtils]: 16: Hoare triple {29948#(or (and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_is_empty_~list#1.base|) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_is_empty_~list#1.offset|)) 0) (= |ULTIMATE.start_is_empty_~no_beg~0#1| 1)) (not (= |ULTIMATE.start_is_empty_~list#1.offset| 0)))} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {29949#(or (and (= |ULTIMATE.start_is_empty_#t~mem4#1.base| 0) (= |ULTIMATE.start_is_empty_#t~mem4#1.offset| 0) (= |ULTIMATE.start_is_empty_~no_beg~0#1| 1)) (not (= |ULTIMATE.start_is_empty_~list#1.offset| 0)))} is VALID [2022-02-20 23:45:16,797 INFO L290 TraceCheckUtils]: 17: Hoare triple {29949#(or (and (= |ULTIMATE.start_is_empty_#t~mem4#1.base| 0) (= |ULTIMATE.start_is_empty_#t~mem4#1.offset| 0) (= |ULTIMATE.start_is_empty_~no_beg~0#1| 1)) (not (= |ULTIMATE.start_is_empty_~list#1.offset| 0)))} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {29950#(or (= |ULTIMATE.start_is_empty_~no_end~0#1| |ULTIMATE.start_is_empty_~no_beg~0#1|) (not (= |ULTIMATE.start_is_empty_~list#1.offset| 0)))} is VALID [2022-02-20 23:45:16,798 INFO L290 TraceCheckUtils]: 18: Hoare triple {29950#(or (= |ULTIMATE.start_is_empty_~no_end~0#1| |ULTIMATE.start_is_empty_~no_beg~0#1|) (not (= |ULTIMATE.start_is_empty_~list#1.offset| 0)))} assume is_empty_~no_beg~0#1 != is_empty_~no_end~0#1; {29951#(not (= |ULTIMATE.start_is_empty_~list#1.offset| 0))} is VALID [2022-02-20 23:45:16,798 INFO L290 TraceCheckUtils]: 19: Hoare triple {29951#(not (= |ULTIMATE.start_is_empty_~list#1.offset| 0))} assume 0 == is_empty_~list#1.offset; {29940#false} is VALID [2022-02-20 23:45:16,798 INFO L290 TraceCheckUtils]: 20: Hoare triple {29940#false} assume !(is_empty_~list#1.base < #StackHeapBarrier); {29940#false} is VALID [2022-02-20 23:45:16,799 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:16,799 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:16,799 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [474269161] [2022-02-20 23:45:16,799 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [474269161] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:16,799 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:16,799 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-02-20 23:45:16,800 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [377853558] [2022-02-20 23:45:16,800 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:16,800 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 2.111111111111111) internal successors, (19), 9 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 21 [2022-02-20 23:45:16,800 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:16,800 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 9 states, 9 states have (on average 2.111111111111111) internal successors, (19), 9 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:16,818 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:16,819 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-02-20 23:45:16,819 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:16,819 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-02-20 23:45:16,819 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=52, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:45:16,820 INFO L87 Difference]: Start difference. First operand 345 states and 469 transitions. Second operand has 9 states, 9 states have (on average 2.111111111111111) internal successors, (19), 9 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:18,643 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:18,643 INFO L93 Difference]: Finished difference Result 649 states and 845 transitions. [2022-02-20 23:45:18,643 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 23:45:18,643 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 2.111111111111111) internal successors, (19), 9 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 21 [2022-02-20 23:45:18,644 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:18,644 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 9 states have (on average 2.111111111111111) internal successors, (19), 9 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:18,646 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 407 transitions. [2022-02-20 23:45:18,646 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9 states, 9 states have (on average 2.111111111111111) internal successors, (19), 9 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:18,648 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 407 transitions. [2022-02-20 23:45:18,649 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 407 transitions. [2022-02-20 23:45:18,973 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 407 edges. 407 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:18,985 INFO L225 Difference]: With dead ends: 649 [2022-02-20 23:45:18,985 INFO L226 Difference]: Without dead ends: 647 [2022-02-20 23:45:18,985 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=66, Invalid=144, Unknown=0, NotChecked=0, Total=210 [2022-02-20 23:45:18,986 INFO L933 BasicCegarLoop]: 201 mSDtfsCounter, 445 mSDsluCounter, 1027 mSDsCounter, 0 mSdLazyCounter, 297 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 447 SdHoareTripleChecker+Valid, 1228 SdHoareTripleChecker+Invalid, 324 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 297 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:18,987 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [447 Valid, 1228 Invalid, 324 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 297 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-02-20 23:45:18,991 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 647 states. [2022-02-20 23:45:18,997 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 647 to 339. [2022-02-20 23:45:18,997 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:18,998 INFO L82 GeneralOperation]: Start isEquivalent. First operand 647 states. Second operand has 339 states, 267 states have (on average 1.6029962546816479) internal successors, (428), 320 states have internal predecessors, (428), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:18,998 INFO L74 IsIncluded]: Start isIncluded. First operand 647 states. Second operand has 339 states, 267 states have (on average 1.6029962546816479) internal successors, (428), 320 states have internal predecessors, (428), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:18,999 INFO L87 Difference]: Start difference. First operand 647 states. Second operand has 339 states, 267 states have (on average 1.6029962546816479) internal successors, (428), 320 states have internal predecessors, (428), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:19,017 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:19,018 INFO L93 Difference]: Finished difference Result 647 states and 843 transitions. [2022-02-20 23:45:19,018 INFO L276 IsEmpty]: Start isEmpty. Operand 647 states and 843 transitions. [2022-02-20 23:45:19,019 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:19,019 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:19,020 INFO L74 IsIncluded]: Start isIncluded. First operand has 339 states, 267 states have (on average 1.6029962546816479) internal successors, (428), 320 states have internal predecessors, (428), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 647 states. [2022-02-20 23:45:19,020 INFO L87 Difference]: Start difference. First operand has 339 states, 267 states have (on average 1.6029962546816479) internal successors, (428), 320 states have internal predecessors, (428), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 647 states. [2022-02-20 23:45:19,039 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:19,040 INFO L93 Difference]: Finished difference Result 647 states and 843 transitions. [2022-02-20 23:45:19,040 INFO L276 IsEmpty]: Start isEmpty. Operand 647 states and 843 transitions. [2022-02-20 23:45:19,041 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:19,041 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:19,041 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:19,041 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:19,042 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 339 states, 267 states have (on average 1.6029962546816479) internal successors, (428), 320 states have internal predecessors, (428), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:19,048 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 339 states to 339 states and 458 transitions. [2022-02-20 23:45:19,048 INFO L78 Accepts]: Start accepts. Automaton has 339 states and 458 transitions. Word has length 21 [2022-02-20 23:45:19,048 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:19,048 INFO L470 AbstractCegarLoop]: Abstraction has 339 states and 458 transitions. [2022-02-20 23:45:19,049 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 2.111111111111111) internal successors, (19), 9 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:19,049 INFO L276 IsEmpty]: Start isEmpty. Operand 339 states and 458 transitions. [2022-02-20 23:45:19,049 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-02-20 23:45:19,049 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:19,049 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:19,050 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2022-02-20 23:45:19,050 INFO L402 AbstractCegarLoop]: === Iteration 21 === Targeting ULTIMATE.startErr5REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:19,050 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:19,050 INFO L85 PathProgramCache]: Analyzing trace with hash 163984267, now seen corresponding path program 1 times [2022-02-20 23:45:19,050 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:19,050 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1315735887] [2022-02-20 23:45:19,051 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:19,051 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:19,064 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:19,099 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:19,100 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:19,102 INFO L290 TraceCheckUtils]: 0: Hoare triple {32248#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {32248#true} is VALID [2022-02-20 23:45:19,102 INFO L290 TraceCheckUtils]: 1: Hoare triple {32248#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {32248#true} is VALID [2022-02-20 23:45:19,103 INFO L290 TraceCheckUtils]: 2: Hoare triple {32248#true} assume true; {32248#true} is VALID [2022-02-20 23:45:19,103 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {32248#true} {32248#true} #259#return; {32248#true} is VALID [2022-02-20 23:45:19,103 INFO L290 TraceCheckUtils]: 0: Hoare triple {32248#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {32248#true} is VALID [2022-02-20 23:45:19,103 INFO L290 TraceCheckUtils]: 1: Hoare triple {32248#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {32248#true} is VALID [2022-02-20 23:45:19,103 INFO L290 TraceCheckUtils]: 2: Hoare triple {32248#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {32248#true} is VALID [2022-02-20 23:45:19,103 INFO L290 TraceCheckUtils]: 3: Hoare triple {32248#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {32248#true} is VALID [2022-02-20 23:45:19,104 INFO L290 TraceCheckUtils]: 4: Hoare triple {32248#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {32248#true} is VALID [2022-02-20 23:45:19,104 INFO L290 TraceCheckUtils]: 5: Hoare triple {32248#true} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {32248#true} is VALID [2022-02-20 23:45:19,104 INFO L272 TraceCheckUtils]: 6: Hoare triple {32248#true} call main_#t~ret23#1 := rand_end_point(); {32248#true} is VALID [2022-02-20 23:45:19,104 INFO L290 TraceCheckUtils]: 7: Hoare triple {32248#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {32248#true} is VALID [2022-02-20 23:45:19,104 INFO L290 TraceCheckUtils]: 8: Hoare triple {32248#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {32248#true} is VALID [2022-02-20 23:45:19,104 INFO L290 TraceCheckUtils]: 9: Hoare triple {32248#true} assume true; {32248#true} is VALID [2022-02-20 23:45:19,104 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {32248#true} {32248#true} #259#return; {32248#true} is VALID [2022-02-20 23:45:19,105 INFO L290 TraceCheckUtils]: 11: Hoare triple {32248#true} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {32248#true} is VALID [2022-02-20 23:45:19,105 INFO L290 TraceCheckUtils]: 12: Hoare triple {32248#true} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {32248#true} is VALID [2022-02-20 23:45:19,106 INFO L290 TraceCheckUtils]: 13: Hoare triple {32248#true} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {32254#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:19,106 INFO L290 TraceCheckUtils]: 14: Hoare triple {32254#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {32254#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:19,107 INFO L290 TraceCheckUtils]: 15: Hoare triple {32254#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {32254#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:19,107 INFO L290 TraceCheckUtils]: 16: Hoare triple {32254#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} assume !create_item_#t~switch6#1;create_item_#t~switch6#1 := create_item_#t~switch6#1 || create_item_~at#1 == ~unnamed1~0~LIST_END; {32254#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:19,107 INFO L290 TraceCheckUtils]: 17: Hoare triple {32254#(and (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_PREV;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_NEXT; {32255#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_NEXT) (<= ~unnamed2~0~ITEM_NEXT |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:19,108 INFO L290 TraceCheckUtils]: 18: Hoare triple {32255#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_NEXT) (<= ~unnamed2~0~ITEM_NEXT |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} havoc create_item_#t~switch6#1; {32255#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_NEXT) (<= ~unnamed2~0~ITEM_NEXT |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:19,109 INFO L290 TraceCheckUtils]: 19: Hoare triple {32255#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_NEXT) (<= ~unnamed2~0~ITEM_NEXT |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} SUMMARY for call write~$Pointer$(create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1, 4); srcloc: L681 {32255#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_NEXT) (<= ~unnamed2~0~ITEM_NEXT |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} is VALID [2022-02-20 23:45:19,109 INFO L290 TraceCheckUtils]: 20: Hoare triple {32255#(and (<= |ULTIMATE.start_create_item_~term_field~0#1| ~unnamed2~0~ITEM_NEXT) (<= ~unnamed2~0~ITEM_NEXT |ULTIMATE.start_create_item_~term_field~0#1|) (= 265 (select |#length| |ULTIMATE.start_create_item_~item~0#1.base|)) (= |ULTIMATE.start_create_item_~item~0#1.offset| 0))} assume !(4 + (create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1) <= #length[create_item_~item~0#1.base] && 0 <= create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1); {32249#false} is VALID [2022-02-20 23:45:19,109 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:19,110 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:19,110 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1315735887] [2022-02-20 23:45:19,110 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1315735887] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:19,110 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:19,110 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:45:19,110 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [529959371] [2022-02-20 23:45:19,110 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:19,111 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 21 [2022-02-20 23:45:19,111 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:19,111 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:19,125 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 21 edges. 21 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:19,125 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:45:19,125 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:19,126 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:45:19,126 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:19,126 INFO L87 Difference]: Start difference. First operand 339 states and 458 transitions. Second operand has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:19,614 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:19,614 INFO L93 Difference]: Finished difference Result 557 states and 693 transitions. [2022-02-20 23:45:19,614 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:45:19,615 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 21 [2022-02-20 23:45:19,615 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:19,615 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:19,617 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 404 transitions. [2022-02-20 23:45:19,617 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:19,620 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 404 transitions. [2022-02-20 23:45:19,620 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 404 transitions. [2022-02-20 23:45:19,903 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 404 edges. 404 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:19,913 INFO L225 Difference]: With dead ends: 557 [2022-02-20 23:45:19,913 INFO L226 Difference]: Without dead ends: 557 [2022-02-20 23:45:19,913 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:19,913 INFO L933 BasicCegarLoop]: 296 mSDtfsCounter, 276 mSDsluCounter, 185 mSDsCounter, 0 mSdLazyCounter, 164 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 280 SdHoareTripleChecker+Valid, 481 SdHoareTripleChecker+Invalid, 166 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 164 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:19,914 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [280 Valid, 481 Invalid, 166 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 164 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:19,914 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 557 states. [2022-02-20 23:45:19,919 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 557 to 332. [2022-02-20 23:45:19,919 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:19,919 INFO L82 GeneralOperation]: Start isEquivalent. First operand 557 states. Second operand has 332 states, 261 states have (on average 1.6091954022988506) internal successors, (420), 313 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:19,920 INFO L74 IsIncluded]: Start isIncluded. First operand 557 states. Second operand has 332 states, 261 states have (on average 1.6091954022988506) internal successors, (420), 313 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:19,920 INFO L87 Difference]: Start difference. First operand 557 states. Second operand has 332 states, 261 states have (on average 1.6091954022988506) internal successors, (420), 313 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:19,934 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:19,934 INFO L93 Difference]: Finished difference Result 557 states and 693 transitions. [2022-02-20 23:45:19,935 INFO L276 IsEmpty]: Start isEmpty. Operand 557 states and 693 transitions. [2022-02-20 23:45:19,936 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:19,936 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:19,936 INFO L74 IsIncluded]: Start isIncluded. First operand has 332 states, 261 states have (on average 1.6091954022988506) internal successors, (420), 313 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 557 states. [2022-02-20 23:45:19,937 INFO L87 Difference]: Start difference. First operand has 332 states, 261 states have (on average 1.6091954022988506) internal successors, (420), 313 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 557 states. [2022-02-20 23:45:19,952 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:19,952 INFO L93 Difference]: Finished difference Result 557 states and 693 transitions. [2022-02-20 23:45:19,952 INFO L276 IsEmpty]: Start isEmpty. Operand 557 states and 693 transitions. [2022-02-20 23:45:19,953 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:19,954 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:19,954 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:19,954 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:19,954 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 332 states, 261 states have (on average 1.6091954022988506) internal successors, (420), 313 states have internal predecessors, (420), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:19,960 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 332 states to 332 states and 450 transitions. [2022-02-20 23:45:19,961 INFO L78 Accepts]: Start accepts. Automaton has 332 states and 450 transitions. Word has length 21 [2022-02-20 23:45:19,961 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:19,961 INFO L470 AbstractCegarLoop]: Abstraction has 332 states and 450 transitions. [2022-02-20 23:45:19,961 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 6.333333333333333) internal successors, (19), 4 states have internal predecessors, (19), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:19,961 INFO L276 IsEmpty]: Start isEmpty. Operand 332 states and 450 transitions. [2022-02-20 23:45:19,961 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-02-20 23:45:19,962 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:19,962 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:19,962 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2022-02-20 23:45:19,962 INFO L402 AbstractCegarLoop]: === Iteration 22 === Targeting ULTIMATE.startErr27REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:19,962 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:19,962 INFO L85 PathProgramCache]: Analyzing trace with hash 1953708264, now seen corresponding path program 1 times [2022-02-20 23:45:19,963 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:19,963 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [351464784] [2022-02-20 23:45:19,963 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:19,963 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:19,973 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:19,995 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:19,997 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:19,999 INFO L290 TraceCheckUtils]: 0: Hoare triple {34261#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {34261#true} is VALID [2022-02-20 23:45:19,999 INFO L290 TraceCheckUtils]: 1: Hoare triple {34261#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {34261#true} is VALID [2022-02-20 23:45:20,000 INFO L290 TraceCheckUtils]: 2: Hoare triple {34261#true} assume true; {34261#true} is VALID [2022-02-20 23:45:20,001 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {34261#true} {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} #261#return; {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:20,002 INFO L290 TraceCheckUtils]: 0: Hoare triple {34261#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:20,004 INFO L290 TraceCheckUtils]: 1: Hoare triple {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:20,004 INFO L290 TraceCheckUtils]: 2: Hoare triple {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:20,005 INFO L290 TraceCheckUtils]: 3: Hoare triple {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:20,005 INFO L290 TraceCheckUtils]: 4: Hoare triple {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:20,005 INFO L290 TraceCheckUtils]: 5: Hoare triple {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:20,006 INFO L290 TraceCheckUtils]: 6: Hoare triple {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:20,006 INFO L290 TraceCheckUtils]: 7: Hoare triple {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:20,006 INFO L272 TraceCheckUtils]: 8: Hoare triple {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} call main_#t~ret25#1 := rand_end_point(); {34261#true} is VALID [2022-02-20 23:45:20,007 INFO L290 TraceCheckUtils]: 9: Hoare triple {34261#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {34261#true} is VALID [2022-02-20 23:45:20,007 INFO L290 TraceCheckUtils]: 10: Hoare triple {34261#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {34261#true} is VALID [2022-02-20 23:45:20,007 INFO L290 TraceCheckUtils]: 11: Hoare triple {34261#true} assume true; {34261#true} is VALID [2022-02-20 23:45:20,007 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {34261#true} {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} #261#return; {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:20,008 INFO L290 TraceCheckUtils]: 13: Hoare triple {34263#(and (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is VALID [2022-02-20 23:45:20,009 INFO L290 TraceCheckUtils]: 14: Hoare triple {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is VALID [2022-02-20 23:45:20,009 INFO L290 TraceCheckUtils]: 15: Hoare triple {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is VALID [2022-02-20 23:45:20,010 INFO L290 TraceCheckUtils]: 16: Hoare triple {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is VALID [2022-02-20 23:45:20,010 INFO L290 TraceCheckUtils]: 17: Hoare triple {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is VALID [2022-02-20 23:45:20,010 INFO L290 TraceCheckUtils]: 18: Hoare triple {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} assume !(is_empty_~no_beg~0#1 != is_empty_~no_end~0#1); {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is VALID [2022-02-20 23:45:20,011 INFO L290 TraceCheckUtils]: 19: Hoare triple {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is_empty_#res#1 := is_empty_~no_beg~0#1; {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is VALID [2022-02-20 23:45:20,011 INFO L290 TraceCheckUtils]: 20: Hoare triple {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} remove_one_#t~ret11#1 := is_empty_#res#1;assume { :end_inline_is_empty } true;assume -2147483648 <= remove_one_#t~ret11#1 && remove_one_#t~ret11#1 <= 2147483647; {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is VALID [2022-02-20 23:45:20,012 INFO L290 TraceCheckUtils]: 21: Hoare triple {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} assume !(0 != remove_one_#t~ret11#1);havoc remove_one_#t~ret11#1; {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} is VALID [2022-02-20 23:45:20,012 INFO L290 TraceCheckUtils]: 22: Hoare triple {34268#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| |ULTIMATE.start_remove_one_~list#1.base|) 1))} assume !(1 == #valid[remove_one_~list#1.base]); {34262#false} is VALID [2022-02-20 23:45:20,012 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:20,013 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:20,013 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [351464784] [2022-02-20 23:45:20,013 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [351464784] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:20,013 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:20,013 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-02-20 23:45:20,013 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1857451829] [2022-02-20 23:45:20,013 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:20,014 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 7.0) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 23:45:20,014 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:20,014 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 4 states, 3 states have (on average 7.0) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:20,030 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 23 edges. 23 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:20,030 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-02-20 23:45:20,030 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:20,031 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-02-20 23:45:20,031 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-02-20 23:45:20,031 INFO L87 Difference]: Start difference. First operand 332 states and 450 transitions. Second operand has 4 states, 3 states have (on average 7.0) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:20,498 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:20,498 INFO L93 Difference]: Finished difference Result 494 states and 639 transitions. [2022-02-20 23:45:20,498 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-02-20 23:45:20,499 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 7.0) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 23:45:20,499 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:20,499 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 7.0) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:20,500 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 359 transitions. [2022-02-20 23:45:20,500 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4 states, 3 states have (on average 7.0) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:20,502 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4 states to 4 states and 359 transitions. [2022-02-20 23:45:20,502 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 4 states and 359 transitions. [2022-02-20 23:45:20,730 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 359 edges. 359 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:20,738 INFO L225 Difference]: With dead ends: 494 [2022-02-20 23:45:20,739 INFO L226 Difference]: Without dead ends: 494 [2022-02-20 23:45:20,739 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:45:20,739 INFO L933 BasicCegarLoop]: 165 mSDtfsCounter, 227 mSDsluCounter, 187 mSDsCounter, 0 mSdLazyCounter, 193 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 227 SdHoareTripleChecker+Valid, 352 SdHoareTripleChecker+Invalid, 201 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 193 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:20,740 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [227 Valid, 352 Invalid, 201 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 193 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:20,740 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 494 states. [2022-02-20 23:45:20,748 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 494 to 360. [2022-02-20 23:45:20,748 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:20,749 INFO L82 GeneralOperation]: Start isEquivalent. First operand 494 states. Second operand has 360 states, 289 states have (on average 1.6332179930795847) internal successors, (472), 341 states have internal predecessors, (472), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:20,749 INFO L74 IsIncluded]: Start isIncluded. First operand 494 states. Second operand has 360 states, 289 states have (on average 1.6332179930795847) internal successors, (472), 341 states have internal predecessors, (472), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:20,750 INFO L87 Difference]: Start difference. First operand 494 states. Second operand has 360 states, 289 states have (on average 1.6332179930795847) internal successors, (472), 341 states have internal predecessors, (472), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:20,767 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:20,767 INFO L93 Difference]: Finished difference Result 494 states and 639 transitions. [2022-02-20 23:45:20,767 INFO L276 IsEmpty]: Start isEmpty. Operand 494 states and 639 transitions. [2022-02-20 23:45:20,768 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:20,768 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:20,769 INFO L74 IsIncluded]: Start isIncluded. First operand has 360 states, 289 states have (on average 1.6332179930795847) internal successors, (472), 341 states have internal predecessors, (472), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 494 states. [2022-02-20 23:45:20,769 INFO L87 Difference]: Start difference. First operand has 360 states, 289 states have (on average 1.6332179930795847) internal successors, (472), 341 states have internal predecessors, (472), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 494 states. [2022-02-20 23:45:20,782 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:20,782 INFO L93 Difference]: Finished difference Result 494 states and 639 transitions. [2022-02-20 23:45:20,782 INFO L276 IsEmpty]: Start isEmpty. Operand 494 states and 639 transitions. [2022-02-20 23:45:20,783 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:20,783 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:20,784 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:20,784 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:20,784 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 360 states, 289 states have (on average 1.6332179930795847) internal successors, (472), 341 states have internal predecessors, (472), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:20,791 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 360 states to 360 states and 502 transitions. [2022-02-20 23:45:20,791 INFO L78 Accepts]: Start accepts. Automaton has 360 states and 502 transitions. Word has length 23 [2022-02-20 23:45:20,791 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:20,792 INFO L470 AbstractCegarLoop]: Abstraction has 360 states and 502 transitions. [2022-02-20 23:45:20,792 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 7.0) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:20,792 INFO L276 IsEmpty]: Start isEmpty. Operand 360 states and 502 transitions. [2022-02-20 23:45:20,793 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-02-20 23:45:20,793 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:20,794 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:20,794 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable21 [2022-02-20 23:45:20,794 INFO L402 AbstractCegarLoop]: === Iteration 23 === Targeting ULTIMATE.startErr28REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:20,794 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:20,794 INFO L85 PathProgramCache]: Analyzing trace with hash 1953708265, now seen corresponding path program 1 times [2022-02-20 23:45:20,795 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:20,795 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2014733830] [2022-02-20 23:45:20,795 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:20,795 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:20,808 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:20,936 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:20,939 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:20,943 INFO L290 TraceCheckUtils]: 0: Hoare triple {36115#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {36115#true} is VALID [2022-02-20 23:45:20,943 INFO L290 TraceCheckUtils]: 1: Hoare triple {36115#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {36115#true} is VALID [2022-02-20 23:45:20,943 INFO L290 TraceCheckUtils]: 2: Hoare triple {36115#true} assume true; {36115#true} is VALID [2022-02-20 23:45:20,944 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {36115#true} {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} #261#return; {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:20,945 INFO L290 TraceCheckUtils]: 0: Hoare triple {36115#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:20,945 INFO L290 TraceCheckUtils]: 1: Hoare triple {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:20,945 INFO L290 TraceCheckUtils]: 2: Hoare triple {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:20,946 INFO L290 TraceCheckUtils]: 3: Hoare triple {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:20,946 INFO L290 TraceCheckUtils]: 4: Hoare triple {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:20,947 INFO L290 TraceCheckUtils]: 5: Hoare triple {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:20,947 INFO L290 TraceCheckUtils]: 6: Hoare triple {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:20,947 INFO L290 TraceCheckUtils]: 7: Hoare triple {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:20,948 INFO L272 TraceCheckUtils]: 8: Hoare triple {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} call main_#t~ret25#1 := rand_end_point(); {36115#true} is VALID [2022-02-20 23:45:20,948 INFO L290 TraceCheckUtils]: 9: Hoare triple {36115#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {36115#true} is VALID [2022-02-20 23:45:20,948 INFO L290 TraceCheckUtils]: 10: Hoare triple {36115#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {36115#true} is VALID [2022-02-20 23:45:20,948 INFO L290 TraceCheckUtils]: 11: Hoare triple {36115#true} assume true; {36115#true} is VALID [2022-02-20 23:45:20,948 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {36115#true} {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} #261#return; {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:20,949 INFO L290 TraceCheckUtils]: 13: Hoare triple {36117#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {36122#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (= (+ (* (- 1) |ULTIMATE.start_remove_one_~list#1.offset|) |ULTIMATE.start_is_empty_~list#1.offset|) 0) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0))} is VALID [2022-02-20 23:45:20,950 INFO L290 TraceCheckUtils]: 14: Hoare triple {36122#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (= (+ (* (- 1) |ULTIMATE.start_remove_one_~list#1.offset|) |ULTIMATE.start_is_empty_~list#1.offset|) 0) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0))} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {36123#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (= (+ (* (- 1) |ULTIMATE.start_remove_one_~list#1.offset|) |ULTIMATE.start_is_empty_~list#1.offset|) 0) (<= 0 (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0))} is VALID [2022-02-20 23:45:20,950 INFO L290 TraceCheckUtils]: 15: Hoare triple {36123#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (= (+ (* (- 1) |ULTIMATE.start_remove_one_~list#1.offset|) |ULTIMATE.start_is_empty_~list#1.offset|) 0) (<= 0 (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0))} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {36123#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (= (+ (* (- 1) |ULTIMATE.start_remove_one_~list#1.offset|) |ULTIMATE.start_is_empty_~list#1.offset|) 0) (<= 0 (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0))} is VALID [2022-02-20 23:45:20,951 INFO L290 TraceCheckUtils]: 16: Hoare triple {36123#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (= (+ (* (- 1) |ULTIMATE.start_remove_one_~list#1.offset|) |ULTIMATE.start_is_empty_~list#1.offset|) 0) (<= 0 (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0))} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:20,952 INFO L290 TraceCheckUtils]: 17: Hoare triple {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:20,952 INFO L290 TraceCheckUtils]: 18: Hoare triple {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !(is_empty_~no_beg~0#1 != is_empty_~no_end~0#1); {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:20,953 INFO L290 TraceCheckUtils]: 19: Hoare triple {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is_empty_#res#1 := is_empty_~no_beg~0#1; {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:20,953 INFO L290 TraceCheckUtils]: 20: Hoare triple {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} remove_one_#t~ret11#1 := is_empty_#res#1;assume { :end_inline_is_empty } true;assume -2147483648 <= remove_one_#t~ret11#1 && remove_one_#t~ret11#1 <= 2147483647; {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:20,953 INFO L290 TraceCheckUtils]: 21: Hoare triple {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !(0 != remove_one_#t~ret11#1);havoc remove_one_#t~ret11#1; {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:20,954 INFO L290 TraceCheckUtils]: 22: Hoare triple {36124#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !(4 + (remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG) <= #length[remove_one_~list#1.base] && 0 <= remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG); {36116#false} is VALID [2022-02-20 23:45:20,954 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:20,955 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:20,955 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2014733830] [2022-02-20 23:45:20,955 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2014733830] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:20,955 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:20,955 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:45:20,956 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [428496125] [2022-02-20 23:45:20,956 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:20,957 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.2) internal successors, (21), 6 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 23:45:20,957 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:20,957 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 4.2) internal successors, (21), 6 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:20,974 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 23 edges. 23 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:20,974 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:45:20,975 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:20,975 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:45:20,975 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:45:20,975 INFO L87 Difference]: Start difference. First operand 360 states and 502 transitions. Second operand has 6 states, 5 states have (on average 4.2) internal successors, (21), 6 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:21,720 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:21,720 INFO L93 Difference]: Finished difference Result 419 states and 533 transitions. [2022-02-20 23:45:21,720 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:45:21,720 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.2) internal successors, (21), 6 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-02-20 23:45:21,721 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:21,721 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 4.2) internal successors, (21), 6 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:21,722 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 280 transitions. [2022-02-20 23:45:21,722 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 4.2) internal successors, (21), 6 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:21,724 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 280 transitions. [2022-02-20 23:45:21,724 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 280 transitions. [2022-02-20 23:45:21,909 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 280 edges. 280 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:21,917 INFO L225 Difference]: With dead ends: 419 [2022-02-20 23:45:21,917 INFO L226 Difference]: Without dead ends: 419 [2022-02-20 23:45:21,917 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=28, Invalid=44, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:45:21,917 INFO L933 BasicCegarLoop]: 150 mSDtfsCounter, 378 mSDsluCounter, 299 mSDsCounter, 0 mSdLazyCounter, 218 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 378 SdHoareTripleChecker+Valid, 449 SdHoareTripleChecker+Invalid, 226 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 218 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:21,918 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [378 Valid, 449 Invalid, 226 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 218 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:45:21,918 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 419 states. [2022-02-20 23:45:21,923 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 419 to 360. [2022-02-20 23:45:21,923 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:21,924 INFO L82 GeneralOperation]: Start isEquivalent. First operand 419 states. Second operand has 360 states, 289 states have (on average 1.602076124567474) internal successors, (463), 341 states have internal predecessors, (463), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:21,924 INFO L74 IsIncluded]: Start isIncluded. First operand 419 states. Second operand has 360 states, 289 states have (on average 1.602076124567474) internal successors, (463), 341 states have internal predecessors, (463), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:21,925 INFO L87 Difference]: Start difference. First operand 419 states. Second operand has 360 states, 289 states have (on average 1.602076124567474) internal successors, (463), 341 states have internal predecessors, (463), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:21,940 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:21,940 INFO L93 Difference]: Finished difference Result 419 states and 533 transitions. [2022-02-20 23:45:21,940 INFO L276 IsEmpty]: Start isEmpty. Operand 419 states and 533 transitions. [2022-02-20 23:45:21,941 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:21,941 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:21,942 INFO L74 IsIncluded]: Start isIncluded. First operand has 360 states, 289 states have (on average 1.602076124567474) internal successors, (463), 341 states have internal predecessors, (463), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 419 states. [2022-02-20 23:45:21,942 INFO L87 Difference]: Start difference. First operand has 360 states, 289 states have (on average 1.602076124567474) internal successors, (463), 341 states have internal predecessors, (463), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) Second operand 419 states. [2022-02-20 23:45:21,952 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:21,952 INFO L93 Difference]: Finished difference Result 419 states and 533 transitions. [2022-02-20 23:45:21,952 INFO L276 IsEmpty]: Start isEmpty. Operand 419 states and 533 transitions. [2022-02-20 23:45:21,953 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:21,953 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:21,953 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:21,953 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:21,954 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 360 states, 289 states have (on average 1.602076124567474) internal successors, (463), 341 states have internal predecessors, (463), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 13 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:21,960 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 360 states to 360 states and 493 transitions. [2022-02-20 23:45:21,960 INFO L78 Accepts]: Start accepts. Automaton has 360 states and 493 transitions. Word has length 23 [2022-02-20 23:45:21,961 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:21,961 INFO L470 AbstractCegarLoop]: Abstraction has 360 states and 493 transitions. [2022-02-20 23:45:21,961 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.2) internal successors, (21), 6 states have internal predecessors, (21), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:21,961 INFO L276 IsEmpty]: Start isEmpty. Operand 360 states and 493 transitions. [2022-02-20 23:45:21,961 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-02-20 23:45:21,961 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:21,962 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:21,962 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable22 [2022-02-20 23:45:21,962 INFO L402 AbstractCegarLoop]: === Iteration 24 === Targeting ULTIMATE.startErr8REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:21,962 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:21,962 INFO L85 PathProgramCache]: Analyzing trace with hash -1811064258, now seen corresponding path program 1 times [2022-02-20 23:45:21,963 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:21,963 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1622202525] [2022-02-20 23:45:21,963 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:21,963 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:21,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:22,100 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:22,102 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:22,105 INFO L290 TraceCheckUtils]: 0: Hoare triple {37750#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {37750#true} is VALID [2022-02-20 23:45:22,105 INFO L290 TraceCheckUtils]: 1: Hoare triple {37750#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {37750#true} is VALID [2022-02-20 23:45:22,105 INFO L290 TraceCheckUtils]: 2: Hoare triple {37750#true} assume true; {37750#true} is VALID [2022-02-20 23:45:22,106 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {37750#true} {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} #259#return; {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:22,106 INFO L290 TraceCheckUtils]: 0: Hoare triple {37750#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:22,107 INFO L290 TraceCheckUtils]: 1: Hoare triple {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:22,107 INFO L290 TraceCheckUtils]: 2: Hoare triple {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:22,108 INFO L290 TraceCheckUtils]: 3: Hoare triple {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:22,108 INFO L290 TraceCheckUtils]: 4: Hoare triple {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:22,109 INFO L290 TraceCheckUtils]: 5: Hoare triple {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:22,109 INFO L272 TraceCheckUtils]: 6: Hoare triple {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} call main_#t~ret23#1 := rand_end_point(); {37750#true} is VALID [2022-02-20 23:45:22,109 INFO L290 TraceCheckUtils]: 7: Hoare triple {37750#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {37750#true} is VALID [2022-02-20 23:45:22,109 INFO L290 TraceCheckUtils]: 8: Hoare triple {37750#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {37750#true} is VALID [2022-02-20 23:45:22,109 INFO L290 TraceCheckUtils]: 9: Hoare triple {37750#true} assume true; {37750#true} is VALID [2022-02-20 23:45:22,110 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {37750#true} {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} #259#return; {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:22,111 INFO L290 TraceCheckUtils]: 11: Hoare triple {37752#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {37757#(and (= |ULTIMATE.start_append_one_~list#1.offset| 0) (or (not (= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 0)) (and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_append_one_~list#1.base|) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_append_one_~list#1.base|) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) 0))))} is VALID [2022-02-20 23:45:22,111 INFO L290 TraceCheckUtils]: 12: Hoare triple {37757#(and (= |ULTIMATE.start_append_one_~list#1.offset| 0) (or (not (= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 0)) (and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_append_one_~list#1.base|) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_append_one_~list#1.base|) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) 0))))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {37758#(or (and (= |ULTIMATE.start_append_one_#t~mem7#1.offset| 0) (= |ULTIMATE.start_append_one_#t~mem7#1.base| 0)) (not (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|)))} is VALID [2022-02-20 23:45:22,112 INFO L290 TraceCheckUtils]: 13: Hoare triple {37758#(or (and (= |ULTIMATE.start_append_one_#t~mem7#1.offset| 0) (= |ULTIMATE.start_append_one_#t~mem7#1.base| 0)) (not (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|)))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {37759#(or (not (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_create_item_~at#1|)) (and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0)))} is VALID [2022-02-20 23:45:22,112 INFO L290 TraceCheckUtils]: 14: Hoare triple {37759#(or (not (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_create_item_~at#1|)) (and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0)))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {37759#(or (not (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_create_item_~at#1|)) (and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0)))} is VALID [2022-02-20 23:45:22,113 INFO L290 TraceCheckUtils]: 15: Hoare triple {37759#(or (not (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_create_item_~at#1|)) (and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0)))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {37760#(or (not |ULTIMATE.start_create_item_#t~switch6#1|) (and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0)))} is VALID [2022-02-20 23:45:22,113 INFO L290 TraceCheckUtils]: 16: Hoare triple {37760#(or (not |ULTIMATE.start_create_item_#t~switch6#1|) (and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0)))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_NEXT;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_PREV; {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:22,114 INFO L290 TraceCheckUtils]: 17: Hoare triple {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} havoc create_item_#t~switch6#1; {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:22,114 INFO L290 TraceCheckUtils]: 18: Hoare triple {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} SUMMARY for call write~$Pointer$(create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1, 4); srcloc: L681 {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:22,115 INFO L290 TraceCheckUtils]: 19: Hoare triple {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1, 4); srcloc: L681-1 {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:22,115 INFO L290 TraceCheckUtils]: 20: Hoare triple {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} SUMMARY for call write~int(0, create_item_~item~0#1.base, 8 + create_item_~item~0#1.offset, 1); srcloc: L682 {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:22,116 INFO L290 TraceCheckUtils]: 21: Hoare triple {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} create_item_~head~0#1.base, create_item_~head~0#1.offset := create_item_~item~0#1.base, create_item_~item~0#1.offset; {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:22,116 INFO L290 TraceCheckUtils]: 22: Hoare triple {37761#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} assume create_item_~link#1.base != 0 || create_item_~link#1.offset != 0; {37751#false} is VALID [2022-02-20 23:45:22,116 INFO L290 TraceCheckUtils]: 23: Hoare triple {37751#false} assume !(1 == #valid[create_item_~link#1.base]); {37751#false} is VALID [2022-02-20 23:45:22,117 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:22,117 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:22,117 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1622202525] [2022-02-20 23:45:22,117 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1622202525] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:22,117 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:22,117 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-02-20 23:45:22,118 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1975295022] [2022-02-20 23:45:22,118 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:22,119 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-02-20 23:45:22,119 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:22,120 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:22,138 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 24 edges. 24 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:22,138 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:45:22,138 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:22,138 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:45:22,139 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:45:22,139 INFO L87 Difference]: Start difference. First operand 360 states and 493 transitions. Second operand has 8 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:23,337 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:23,338 INFO L93 Difference]: Finished difference Result 799 states and 1037 transitions. [2022-02-20 23:45:23,338 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2022-02-20 23:45:23,338 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-02-20 23:45:23,338 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:23,338 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:23,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 528 transitions. [2022-02-20 23:45:23,341 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:23,344 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 528 transitions. [2022-02-20 23:45:23,345 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 12 states and 528 transitions. [2022-02-20 23:45:23,737 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 528 edges. 528 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:23,756 INFO L225 Difference]: With dead ends: 799 [2022-02-20 23:45:23,756 INFO L226 Difference]: Without dead ends: 799 [2022-02-20 23:45:23,756 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=70, Invalid=140, Unknown=0, NotChecked=0, Total=210 [2022-02-20 23:45:23,757 INFO L933 BasicCegarLoop]: 223 mSDtfsCounter, 647 mSDsluCounter, 964 mSDsCounter, 0 mSdLazyCounter, 207 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 651 SdHoareTripleChecker+Valid, 1187 SdHoareTripleChecker+Invalid, 236 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 207 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:23,757 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [651 Valid, 1187 Invalid, 236 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [29 Valid, 207 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:45:23,758 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 799 states. [2022-02-20 23:45:23,763 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 799 to 392. [2022-02-20 23:45:23,763 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:23,771 INFO L82 GeneralOperation]: Start isEquivalent. First operand 799 states. Second operand has 392 states, 321 states have (on average 1.5545171339563864) internal successors, (499), 371 states have internal predecessors, (499), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:23,772 INFO L74 IsIncluded]: Start isIncluded. First operand 799 states. Second operand has 392 states, 321 states have (on average 1.5545171339563864) internal successors, (499), 371 states have internal predecessors, (499), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:23,772 INFO L87 Difference]: Start difference. First operand 799 states. Second operand has 392 states, 321 states have (on average 1.5545171339563864) internal successors, (499), 371 states have internal predecessors, (499), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:23,802 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:23,803 INFO L93 Difference]: Finished difference Result 799 states and 1037 transitions. [2022-02-20 23:45:23,803 INFO L276 IsEmpty]: Start isEmpty. Operand 799 states and 1037 transitions. [2022-02-20 23:45:23,804 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:23,804 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:23,805 INFO L74 IsIncluded]: Start isIncluded. First operand has 392 states, 321 states have (on average 1.5545171339563864) internal successors, (499), 371 states have internal predecessors, (499), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) Second operand 799 states. [2022-02-20 23:45:23,805 INFO L87 Difference]: Start difference. First operand has 392 states, 321 states have (on average 1.5545171339563864) internal successors, (499), 371 states have internal predecessors, (499), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) Second operand 799 states. [2022-02-20 23:45:23,841 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:23,841 INFO L93 Difference]: Finished difference Result 799 states and 1037 transitions. [2022-02-20 23:45:23,841 INFO L276 IsEmpty]: Start isEmpty. Operand 799 states and 1037 transitions. [2022-02-20 23:45:23,842 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:23,843 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:23,843 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:23,843 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:23,843 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 392 states, 321 states have (on average 1.5545171339563864) internal successors, (499), 371 states have internal predecessors, (499), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:23,852 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 392 states to 392 states and 529 transitions. [2022-02-20 23:45:23,852 INFO L78 Accepts]: Start accepts. Automaton has 392 states and 529 transitions. Word has length 24 [2022-02-20 23:45:23,852 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:23,852 INFO L470 AbstractCegarLoop]: Abstraction has 392 states and 529 transitions. [2022-02-20 23:45:23,852 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:23,852 INFO L276 IsEmpty]: Start isEmpty. Operand 392 states and 529 transitions. [2022-02-20 23:45:23,853 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-02-20 23:45:23,853 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:23,853 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:23,854 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable23 [2022-02-20 23:45:23,854 INFO L402 AbstractCegarLoop]: === Iteration 25 === Targeting ULTIMATE.startErr8REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:23,854 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:23,854 INFO L85 PathProgramCache]: Analyzing trace with hash -1927577074, now seen corresponding path program 1 times [2022-02-20 23:45:23,854 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:23,855 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [606086456] [2022-02-20 23:45:23,855 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:23,855 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:23,878 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:24,008 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:24,011 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:24,030 INFO L290 TraceCheckUtils]: 0: Hoare triple {40567#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {40567#true} is VALID [2022-02-20 23:45:24,030 INFO L290 TraceCheckUtils]: 1: Hoare triple {40567#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {40578#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:24,031 INFO L290 TraceCheckUtils]: 2: Hoare triple {40578#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} assume true; {40578#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:24,032 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {40578#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} #259#return; {40574#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (<= (* 4 |ULTIMATE.start_main_#t~ret23#1|) (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset|)) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset|) (* 4 |ULTIMATE.start_main_#t~ret23#1|)))} is VALID [2022-02-20 23:45:24,033 INFO L290 TraceCheckUtils]: 0: Hoare triple {40567#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:24,033 INFO L290 TraceCheckUtils]: 1: Hoare triple {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:24,034 INFO L290 TraceCheckUtils]: 2: Hoare triple {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:24,035 INFO L290 TraceCheckUtils]: 3: Hoare triple {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:24,035 INFO L290 TraceCheckUtils]: 4: Hoare triple {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:24,036 INFO L290 TraceCheckUtils]: 5: Hoare triple {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:24,036 INFO L272 TraceCheckUtils]: 6: Hoare triple {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} call main_#t~ret23#1 := rand_end_point(); {40567#true} is VALID [2022-02-20 23:45:24,036 INFO L290 TraceCheckUtils]: 7: Hoare triple {40567#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {40567#true} is VALID [2022-02-20 23:45:24,036 INFO L290 TraceCheckUtils]: 8: Hoare triple {40567#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {40578#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:24,038 INFO L290 TraceCheckUtils]: 9: Hoare triple {40578#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} assume true; {40578#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:24,039 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {40578#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} {40569#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} #259#return; {40574#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (<= (* 4 |ULTIMATE.start_main_#t~ret23#1|) (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset|)) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset|) (* 4 |ULTIMATE.start_main_#t~ret23#1|)))} is VALID [2022-02-20 23:45:24,040 INFO L290 TraceCheckUtils]: 11: Hoare triple {40574#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4)) 0) (<= (* 4 |ULTIMATE.start_main_#t~ret23#1|) (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset|)) (= 0 (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))) (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset|) (* 4 |ULTIMATE.start_main_#t~ret23#1|)))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {40575#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_append_one_~list#1.base|) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_append_one_~list#1.base|) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) 0))} is VALID [2022-02-20 23:45:24,041 INFO L290 TraceCheckUtils]: 12: Hoare triple {40575#(and (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_append_one_~list#1.base|) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_append_one_~list#1.base|) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) 0))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {40576#(and (= |ULTIMATE.start_append_one_#t~mem7#1.offset| 0) (= |ULTIMATE.start_append_one_#t~mem7#1.base| 0))} is VALID [2022-02-20 23:45:24,041 INFO L290 TraceCheckUtils]: 13: Hoare triple {40576#(and (= |ULTIMATE.start_append_one_#t~mem7#1.offset| 0) (= |ULTIMATE.start_append_one_#t~mem7#1.base| 0))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:24,042 INFO L290 TraceCheckUtils]: 14: Hoare triple {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:24,042 INFO L290 TraceCheckUtils]: 15: Hoare triple {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:24,043 INFO L290 TraceCheckUtils]: 16: Hoare triple {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} assume !create_item_#t~switch6#1;create_item_#t~switch6#1 := create_item_#t~switch6#1 || create_item_~at#1 == ~unnamed1~0~LIST_END; {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:24,044 INFO L290 TraceCheckUtils]: 17: Hoare triple {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_PREV;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_NEXT; {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:24,044 INFO L290 TraceCheckUtils]: 18: Hoare triple {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} havoc create_item_#t~switch6#1; {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:24,045 INFO L290 TraceCheckUtils]: 19: Hoare triple {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} SUMMARY for call write~$Pointer$(create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1, 4); srcloc: L681 {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:24,045 INFO L290 TraceCheckUtils]: 20: Hoare triple {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} SUMMARY for call write~$Pointer$(0, 0, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1, 4); srcloc: L681-1 {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:24,046 INFO L290 TraceCheckUtils]: 21: Hoare triple {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} SUMMARY for call write~int(0, create_item_~item~0#1.base, 8 + create_item_~item~0#1.offset, 1); srcloc: L682 {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:24,046 INFO L290 TraceCheckUtils]: 22: Hoare triple {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} create_item_~head~0#1.base, create_item_~head~0#1.offset := create_item_~item~0#1.base, create_item_~item~0#1.offset; {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} is VALID [2022-02-20 23:45:24,047 INFO L290 TraceCheckUtils]: 23: Hoare triple {40577#(and (= |ULTIMATE.start_create_item_~link#1.base| 0) (= |ULTIMATE.start_create_item_~link#1.offset| 0))} assume create_item_~link#1.base != 0 || create_item_~link#1.offset != 0; {40568#false} is VALID [2022-02-20 23:45:24,047 INFO L290 TraceCheckUtils]: 24: Hoare triple {40568#false} assume !(1 == #valid[create_item_~link#1.base]); {40568#false} is VALID [2022-02-20 23:45:24,047 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:24,048 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:24,048 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [606086456] [2022-02-20 23:45:24,049 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [606086456] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:24,049 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:24,049 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-02-20 23:45:24,049 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1412528868] [2022-02-20 23:45:24,049 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:24,050 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 2.875) internal successors, (23), 7 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 23:45:24,050 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:24,050 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 8 states, 8 states have (on average 2.875) internal successors, (23), 7 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:24,076 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 25 edges. 25 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:24,077 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-02-20 23:45:24,077 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:24,077 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-02-20 23:45:24,077 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-02-20 23:45:24,077 INFO L87 Difference]: Start difference. First operand 392 states and 529 transitions. Second operand has 8 states, 8 states have (on average 2.875) internal successors, (23), 7 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:25,281 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:25,281 INFO L93 Difference]: Finished difference Result 632 states and 811 transitions. [2022-02-20 23:45:25,281 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-02-20 23:45:25,281 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 2.875) internal successors, (23), 7 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-02-20 23:45:25,281 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:25,281 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 2.875) internal successors, (23), 7 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:25,283 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 402 transitions. [2022-02-20 23:45:25,283 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8 states, 8 states have (on average 2.875) internal successors, (23), 7 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:25,285 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11 states to 11 states and 402 transitions. [2022-02-20 23:45:25,285 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 11 states and 402 transitions. [2022-02-20 23:45:25,560 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 402 edges. 402 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:25,571 INFO L225 Difference]: With dead ends: 632 [2022-02-20 23:45:25,571 INFO L226 Difference]: Without dead ends: 632 [2022-02-20 23:45:25,572 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=44, Invalid=112, Unknown=0, NotChecked=0, Total=156 [2022-02-20 23:45:25,572 INFO L933 BasicCegarLoop]: 246 mSDtfsCounter, 239 mSDsluCounter, 1223 mSDsCounter, 0 mSdLazyCounter, 253 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 241 SdHoareTripleChecker+Valid, 1469 SdHoareTripleChecker+Invalid, 262 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 253 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:25,572 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [241 Valid, 1469 Invalid, 262 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 253 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:45:25,573 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 632 states. [2022-02-20 23:45:25,578 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 632 to 394. [2022-02-20 23:45:25,579 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:25,579 INFO L82 GeneralOperation]: Start isEquivalent. First operand 632 states. Second operand has 394 states, 323 states have (on average 1.5510835913312693) internal successors, (501), 373 states have internal predecessors, (501), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:25,580 INFO L74 IsIncluded]: Start isIncluded. First operand 632 states. Second operand has 394 states, 323 states have (on average 1.5510835913312693) internal successors, (501), 373 states have internal predecessors, (501), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:25,580 INFO L87 Difference]: Start difference. First operand 632 states. Second operand has 394 states, 323 states have (on average 1.5510835913312693) internal successors, (501), 373 states have internal predecessors, (501), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:25,598 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:25,598 INFO L93 Difference]: Finished difference Result 632 states and 811 transitions. [2022-02-20 23:45:25,598 INFO L276 IsEmpty]: Start isEmpty. Operand 632 states and 811 transitions. [2022-02-20 23:45:25,599 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:25,599 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:25,600 INFO L74 IsIncluded]: Start isIncluded. First operand has 394 states, 323 states have (on average 1.5510835913312693) internal successors, (501), 373 states have internal predecessors, (501), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) Second operand 632 states. [2022-02-20 23:45:25,600 INFO L87 Difference]: Start difference. First operand has 394 states, 323 states have (on average 1.5510835913312693) internal successors, (501), 373 states have internal predecessors, (501), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) Second operand 632 states. [2022-02-20 23:45:25,618 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:25,618 INFO L93 Difference]: Finished difference Result 632 states and 811 transitions. [2022-02-20 23:45:25,618 INFO L276 IsEmpty]: Start isEmpty. Operand 632 states and 811 transitions. [2022-02-20 23:45:25,619 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:25,620 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:25,620 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:25,620 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:25,620 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 394 states, 323 states have (on average 1.5510835913312693) internal successors, (501), 373 states have internal predecessors, (501), 10 states have call successors, (10), 5 states have call predecessors, (10), 10 states have return successors, (20), 15 states have call predecessors, (20), 10 states have call successors, (20) [2022-02-20 23:45:25,628 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 394 states to 394 states and 531 transitions. [2022-02-20 23:45:25,629 INFO L78 Accepts]: Start accepts. Automaton has 394 states and 531 transitions. Word has length 25 [2022-02-20 23:45:25,629 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:25,629 INFO L470 AbstractCegarLoop]: Abstraction has 394 states and 531 transitions. [2022-02-20 23:45:25,629 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 2.875) internal successors, (23), 7 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:25,629 INFO L276 IsEmpty]: Start isEmpty. Operand 394 states and 531 transitions. [2022-02-20 23:45:25,630 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-02-20 23:45:25,630 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:25,630 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:25,630 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable24 [2022-02-20 23:45:25,630 INFO L402 AbstractCegarLoop]: === Iteration 26 === Targeting ULTIMATE.startErr11REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:25,630 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:25,631 INFO L85 PathProgramCache]: Analyzing trace with hash -970840895, now seen corresponding path program 1 times [2022-02-20 23:45:25,631 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:25,631 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2113022092] [2022-02-20 23:45:25,631 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:25,631 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:25,659 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:25,738 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:25,740 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:25,742 INFO L290 TraceCheckUtils]: 0: Hoare triple {42881#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {42881#true} is VALID [2022-02-20 23:45:25,742 INFO L290 TraceCheckUtils]: 1: Hoare triple {42881#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {42881#true} is VALID [2022-02-20 23:45:25,742 INFO L290 TraceCheckUtils]: 2: Hoare triple {42881#true} assume true; {42881#true} is VALID [2022-02-20 23:45:25,743 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {42881#true} {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} #259#return; {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:25,744 INFO L290 TraceCheckUtils]: 0: Hoare triple {42881#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:25,744 INFO L290 TraceCheckUtils]: 1: Hoare triple {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:25,744 INFO L290 TraceCheckUtils]: 2: Hoare triple {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:25,745 INFO L290 TraceCheckUtils]: 3: Hoare triple {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:25,745 INFO L290 TraceCheckUtils]: 4: Hoare triple {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:25,746 INFO L290 TraceCheckUtils]: 5: Hoare triple {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:25,746 INFO L272 TraceCheckUtils]: 6: Hoare triple {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} call main_#t~ret23#1 := rand_end_point(); {42881#true} is VALID [2022-02-20 23:45:25,746 INFO L290 TraceCheckUtils]: 7: Hoare triple {42881#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {42881#true} is VALID [2022-02-20 23:45:25,746 INFO L290 TraceCheckUtils]: 8: Hoare triple {42881#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {42881#true} is VALID [2022-02-20 23:45:25,746 INFO L290 TraceCheckUtils]: 9: Hoare triple {42881#true} assume true; {42881#true} is VALID [2022-02-20 23:45:25,747 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {42881#true} {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} #259#return; {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:25,747 INFO L290 TraceCheckUtils]: 11: Hoare triple {42883#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {42888#(and (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (= 3 |ULTIMATE.start_append_one_~list#1.base|))} is VALID [2022-02-20 23:45:25,748 INFO L290 TraceCheckUtils]: 12: Hoare triple {42888#(and (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (= 3 |ULTIMATE.start_append_one_~list#1.base|))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {42889#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 4) (select |#length| |ULTIMATE.start_append_one_~list#1.base|)) (= (select |#valid| |ULTIMATE.start_append_one_~list#1.base|) 1) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (= 3 |ULTIMATE.start_append_one_~list#1.base|))} is VALID [2022-02-20 23:45:25,749 INFO L290 TraceCheckUtils]: 13: Hoare triple {42889#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 4) (select |#length| |ULTIMATE.start_append_one_~list#1.base|)) (= (select |#valid| |ULTIMATE.start_append_one_~list#1.base|) 1) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (= 3 |ULTIMATE.start_append_one_~list#1.base|))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,750 INFO L290 TraceCheckUtils]: 14: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,750 INFO L290 TraceCheckUtils]: 15: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,751 INFO L290 TraceCheckUtils]: 16: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_NEXT;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_PREV; {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,752 INFO L290 TraceCheckUtils]: 17: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} havoc create_item_#t~switch6#1; {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,752 INFO L290 TraceCheckUtils]: 18: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} SUMMARY for call write~$Pointer$(create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1, 4); srcloc: L681 {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,753 INFO L290 TraceCheckUtils]: 19: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} SUMMARY for call write~$Pointer$(0, 0, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1, 4); srcloc: L681-1 {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,754 INFO L290 TraceCheckUtils]: 20: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} SUMMARY for call write~int(0, create_item_~item~0#1.base, 8 + create_item_~item~0#1.offset, 1); srcloc: L682 {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,754 INFO L290 TraceCheckUtils]: 21: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} create_item_~head~0#1.base, create_item_~head~0#1.offset := create_item_~item~0#1.base, create_item_~item~0#1.offset; {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,755 INFO L290 TraceCheckUtils]: 22: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} assume !(create_item_~link#1.base != 0 || create_item_~link#1.offset != 0); {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,755 INFO L290 TraceCheckUtils]: 23: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} create_item_#res#1.base, create_item_#res#1.offset := create_item_~head~0#1.base, create_item_~head~0#1.offset; {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,756 INFO L290 TraceCheckUtils]: 24: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset := create_item_#res#1.base, create_item_#res#1.offset;assume { :end_inline_create_item } true;append_one_~item~1#1.base, append_one_~item~1#1.offset := append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset; {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} is VALID [2022-02-20 23:45:25,757 INFO L290 TraceCheckUtils]: 25: Hoare triple {42890#(and (not (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 1) 0)) (= (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (- 8)) 0) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|) 4))} assume !(4 + (append_one_~list#1.offset + 4 * append_one_~to#1) <= #length[append_one_~list#1.base] && 0 <= append_one_~list#1.offset + 4 * append_one_~to#1); {42882#false} is VALID [2022-02-20 23:45:25,757 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:25,757 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:25,757 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2113022092] [2022-02-20 23:45:25,757 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2113022092] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:25,757 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:25,758 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:45:25,758 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [644985865] [2022-02-20 23:45:25,758 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:25,759 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 6 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 23:45:25,759 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:25,759 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 4.8) internal successors, (24), 6 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:25,780 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 26 edges. 26 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:25,780 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:45:25,780 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:25,781 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:45:25,781 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:45:25,781 INFO L87 Difference]: Start difference. First operand 394 states and 531 transitions. Second operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 6 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:26,593 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:26,594 INFO L93 Difference]: Finished difference Result 515 states and 640 transitions. [2022-02-20 23:45:26,594 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:45:26,594 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 6 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-02-20 23:45:26,594 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:26,594 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 6 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:26,596 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 353 transitions. [2022-02-20 23:45:26,597 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 6 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:26,598 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 353 transitions. [2022-02-20 23:45:26,599 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 353 transitions. [2022-02-20 23:45:26,895 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 353 edges. 353 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:26,904 INFO L225 Difference]: With dead ends: 515 [2022-02-20 23:45:26,904 INFO L226 Difference]: Without dead ends: 515 [2022-02-20 23:45:26,904 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=29, Invalid=43, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:45:26,904 INFO L933 BasicCegarLoop]: 151 mSDtfsCounter, 723 mSDsluCounter, 214 mSDsCounter, 0 mSdLazyCounter, 193 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 723 SdHoareTripleChecker+Valid, 365 SdHoareTripleChecker+Invalid, 223 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 193 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:26,905 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [723 Valid, 365 Invalid, 223 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 193 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:45:26,905 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 515 states. [2022-02-20 23:45:26,911 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 515 to 405. [2022-02-20 23:45:26,911 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:26,911 INFO L82 GeneralOperation]: Start isEquivalent. First operand 515 states. Second operand has 405 states, 339 states have (on average 1.5309734513274336) internal successors, (519), 383 states have internal predecessors, (519), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:26,912 INFO L74 IsIncluded]: Start isIncluded. First operand 515 states. Second operand has 405 states, 339 states have (on average 1.5309734513274336) internal successors, (519), 383 states have internal predecessors, (519), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:26,912 INFO L87 Difference]: Start difference. First operand 515 states. Second operand has 405 states, 339 states have (on average 1.5309734513274336) internal successors, (519), 383 states have internal predecessors, (519), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:26,926 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:26,926 INFO L93 Difference]: Finished difference Result 515 states and 640 transitions. [2022-02-20 23:45:26,926 INFO L276 IsEmpty]: Start isEmpty. Operand 515 states and 640 transitions. [2022-02-20 23:45:26,927 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:26,927 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:26,927 INFO L74 IsIncluded]: Start isIncluded. First operand has 405 states, 339 states have (on average 1.5309734513274336) internal successors, (519), 383 states have internal predecessors, (519), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) Second operand 515 states. [2022-02-20 23:45:26,928 INFO L87 Difference]: Start difference. First operand has 405 states, 339 states have (on average 1.5309734513274336) internal successors, (519), 383 states have internal predecessors, (519), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) Second operand 515 states. [2022-02-20 23:45:26,939 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:26,939 INFO L93 Difference]: Finished difference Result 515 states and 640 transitions. [2022-02-20 23:45:26,939 INFO L276 IsEmpty]: Start isEmpty. Operand 515 states and 640 transitions. [2022-02-20 23:45:26,940 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:26,940 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:26,940 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:26,940 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:26,940 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 405 states, 339 states have (on average 1.5309734513274336) internal successors, (519), 383 states have internal predecessors, (519), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:26,948 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 405 states to 405 states and 552 transitions. [2022-02-20 23:45:26,948 INFO L78 Accepts]: Start accepts. Automaton has 405 states and 552 transitions. Word has length 26 [2022-02-20 23:45:26,948 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:26,948 INFO L470 AbstractCegarLoop]: Abstraction has 405 states and 552 transitions. [2022-02-20 23:45:26,948 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 6 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:26,948 INFO L276 IsEmpty]: Start isEmpty. Operand 405 states and 552 transitions. [2022-02-20 23:45:26,949 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:45:26,949 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:26,949 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:26,949 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable25 [2022-02-20 23:45:26,949 INFO L402 AbstractCegarLoop]: === Iteration 27 === Targeting ULTIMATE.startErr33ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:26,950 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:26,950 INFO L85 PathProgramCache]: Analyzing trace with hash 622100015, now seen corresponding path program 1 times [2022-02-20 23:45:26,950 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:26,950 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1933558323] [2022-02-20 23:45:26,950 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:26,950 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:26,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:27,012 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:27,014 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:27,016 INFO L290 TraceCheckUtils]: 0: Hoare triple {44849#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {44849#true} is VALID [2022-02-20 23:45:27,016 INFO L290 TraceCheckUtils]: 1: Hoare triple {44849#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {44849#true} is VALID [2022-02-20 23:45:27,016 INFO L290 TraceCheckUtils]: 2: Hoare triple {44849#true} assume true; {44849#true} is VALID [2022-02-20 23:45:27,017 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {44849#true} {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} #261#return; {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:27,018 INFO L290 TraceCheckUtils]: 0: Hoare triple {44849#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:27,018 INFO L290 TraceCheckUtils]: 1: Hoare triple {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:27,019 INFO L290 TraceCheckUtils]: 2: Hoare triple {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:27,019 INFO L290 TraceCheckUtils]: 3: Hoare triple {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:27,019 INFO L290 TraceCheckUtils]: 4: Hoare triple {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:27,020 INFO L290 TraceCheckUtils]: 5: Hoare triple {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:27,020 INFO L290 TraceCheckUtils]: 6: Hoare triple {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:27,021 INFO L290 TraceCheckUtils]: 7: Hoare triple {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:27,021 INFO L272 TraceCheckUtils]: 8: Hoare triple {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} call main_#t~ret25#1 := rand_end_point(); {44849#true} is VALID [2022-02-20 23:45:27,021 INFO L290 TraceCheckUtils]: 9: Hoare triple {44849#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {44849#true} is VALID [2022-02-20 23:45:27,021 INFO L290 TraceCheckUtils]: 10: Hoare triple {44849#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {44849#true} is VALID [2022-02-20 23:45:27,021 INFO L290 TraceCheckUtils]: 11: Hoare triple {44849#true} assume true; {44849#true} is VALID [2022-02-20 23:45:27,022 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {44849#true} {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} #261#return; {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} is VALID [2022-02-20 23:45:27,022 INFO L290 TraceCheckUtils]: 13: Hoare triple {44851#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) 0))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,023 INFO L290 TraceCheckUtils]: 14: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,024 INFO L290 TraceCheckUtils]: 15: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,024 INFO L290 TraceCheckUtils]: 16: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,025 INFO L290 TraceCheckUtils]: 17: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,025 INFO L290 TraceCheckUtils]: 18: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} assume !(is_empty_~no_beg~0#1 != is_empty_~no_end~0#1); {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,025 INFO L290 TraceCheckUtils]: 19: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is_empty_#res#1 := is_empty_~no_beg~0#1; {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,026 INFO L290 TraceCheckUtils]: 20: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} remove_one_#t~ret11#1 := is_empty_#res#1;assume { :end_inline_is_empty } true;assume -2147483648 <= remove_one_#t~ret11#1 && remove_one_#t~ret11#1 <= 2147483647; {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,026 INFO L290 TraceCheckUtils]: 21: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} assume !(0 != remove_one_#t~ret11#1);havoc remove_one_#t~ret11#1; {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,027 INFO L290 TraceCheckUtils]: 22: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L702 {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,028 INFO L290 TraceCheckUtils]: 23: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L702-1 {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,028 INFO L290 TraceCheckUtils]: 24: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} assume remove_one_#t~mem12#1.base == remove_one_#t~mem13#1.base && remove_one_#t~mem12#1.offset == remove_one_#t~mem13#1.offset;havoc remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset;havoc remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset; {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:27,029 INFO L290 TraceCheckUtils]: 25: Hoare triple {44856#(and (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L703 {44857#(= |ULTIMATE.start_remove_one_#t~mem14#1.offset| 0)} is VALID [2022-02-20 23:45:27,029 INFO L290 TraceCheckUtils]: 26: Hoare triple {44857#(= |ULTIMATE.start_remove_one_#t~mem14#1.offset| 0)} assume !(0 == remove_one_#t~mem14#1.offset); {44850#false} is VALID [2022-02-20 23:45:27,029 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:27,029 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:27,029 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1933558323] [2022-02-20 23:45:27,030 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1933558323] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:27,030 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:27,030 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:45:27,030 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [403556155] [2022-02-20 23:45:27,030 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:27,031 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2022-02-20 23:45:27,031 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:27,031 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:27,051 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 27 edges. 27 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:27,051 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:45:27,051 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:27,052 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:45:27,052 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:45:27,052 INFO L87 Difference]: Start difference. First operand 405 states and 552 transitions. Second operand has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:27,507 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:27,507 INFO L93 Difference]: Finished difference Result 461 states and 604 transitions. [2022-02-20 23:45:27,507 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:45:27,507 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2022-02-20 23:45:27,507 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:27,507 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:27,508 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 262 transitions. [2022-02-20 23:45:27,508 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:27,509 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 262 transitions. [2022-02-20 23:45:27,509 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 262 transitions. [2022-02-20 23:45:27,679 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 262 edges. 262 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:27,686 INFO L225 Difference]: With dead ends: 461 [2022-02-20 23:45:27,686 INFO L226 Difference]: Without dead ends: 461 [2022-02-20 23:45:27,686 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:45:27,687 INFO L933 BasicCegarLoop]: 151 mSDtfsCounter, 151 mSDsluCounter, 377 mSDsCounter, 0 mSdLazyCounter, 132 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 151 SdHoareTripleChecker+Valid, 528 SdHoareTripleChecker+Invalid, 139 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 132 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:27,687 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [151 Valid, 528 Invalid, 139 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 132 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:27,688 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 461 states. [2022-02-20 23:45:27,692 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 461 to 405. [2022-02-20 23:45:27,692 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:27,693 INFO L82 GeneralOperation]: Start isEquivalent. First operand 461 states. Second operand has 405 states, 339 states have (on average 1.528023598820059) internal successors, (518), 383 states have internal predecessors, (518), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:27,693 INFO L74 IsIncluded]: Start isIncluded. First operand 461 states. Second operand has 405 states, 339 states have (on average 1.528023598820059) internal successors, (518), 383 states have internal predecessors, (518), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:27,694 INFO L87 Difference]: Start difference. First operand 461 states. Second operand has 405 states, 339 states have (on average 1.528023598820059) internal successors, (518), 383 states have internal predecessors, (518), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:27,706 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:27,706 INFO L93 Difference]: Finished difference Result 461 states and 604 transitions. [2022-02-20 23:45:27,706 INFO L276 IsEmpty]: Start isEmpty. Operand 461 states and 604 transitions. [2022-02-20 23:45:27,707 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:27,707 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:27,708 INFO L74 IsIncluded]: Start isIncluded. First operand has 405 states, 339 states have (on average 1.528023598820059) internal successors, (518), 383 states have internal predecessors, (518), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) Second operand 461 states. [2022-02-20 23:45:27,708 INFO L87 Difference]: Start difference. First operand has 405 states, 339 states have (on average 1.528023598820059) internal successors, (518), 383 states have internal predecessors, (518), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) Second operand 461 states. [2022-02-20 23:45:27,719 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:27,719 INFO L93 Difference]: Finished difference Result 461 states and 604 transitions. [2022-02-20 23:45:27,720 INFO L276 IsEmpty]: Start isEmpty. Operand 461 states and 604 transitions. [2022-02-20 23:45:27,720 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:27,720 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:27,720 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:27,721 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:27,721 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 405 states, 339 states have (on average 1.528023598820059) internal successors, (518), 383 states have internal predecessors, (518), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:27,730 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 405 states to 405 states and 551 transitions. [2022-02-20 23:45:27,730 INFO L78 Accepts]: Start accepts. Automaton has 405 states and 551 transitions. Word has length 27 [2022-02-20 23:45:27,730 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:27,730 INFO L470 AbstractCegarLoop]: Abstraction has 405 states and 551 transitions. [2022-02-20 23:45:27,730 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 6.25) internal successors, (25), 5 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:27,731 INFO L276 IsEmpty]: Start isEmpty. Operand 405 states and 551 transitions. [2022-02-20 23:45:27,731 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-02-20 23:45:27,731 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:27,731 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:27,731 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable26 [2022-02-20 23:45:27,731 INFO L402 AbstractCegarLoop]: === Iteration 28 === Targeting ULTIMATE.startErr13REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:27,732 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:27,732 INFO L85 PathProgramCache]: Analyzing trace with hash -31296654, now seen corresponding path program 1 times [2022-02-20 23:45:27,732 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:27,732 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [734592125] [2022-02-20 23:45:27,732 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:27,732 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:27,755 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:27,810 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:27,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:27,821 INFO L290 TraceCheckUtils]: 0: Hoare triple {46652#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {46652#true} is VALID [2022-02-20 23:45:27,822 INFO L290 TraceCheckUtils]: 1: Hoare triple {46652#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {46662#(<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|)} is VALID [2022-02-20 23:45:27,822 INFO L290 TraceCheckUtils]: 2: Hoare triple {46662#(<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|)} assume true; {46662#(<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|)} is VALID [2022-02-20 23:45:27,822 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {46662#(<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|)} {46654#(<= 0 |~#list~0.offset|)} #259#return; {46659#(and (<= 0 |~#list~0.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_main_#t~ret23#1|))} is VALID [2022-02-20 23:45:27,823 INFO L290 TraceCheckUtils]: 0: Hoare triple {46652#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {46654#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:27,824 INFO L290 TraceCheckUtils]: 1: Hoare triple {46654#(<= 0 |~#list~0.offset|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {46654#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:27,824 INFO L290 TraceCheckUtils]: 2: Hoare triple {46654#(<= 0 |~#list~0.offset|)} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {46654#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:27,824 INFO L290 TraceCheckUtils]: 3: Hoare triple {46654#(<= 0 |~#list~0.offset|)} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {46654#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:27,825 INFO L290 TraceCheckUtils]: 4: Hoare triple {46654#(<= 0 |~#list~0.offset|)} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {46654#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:27,825 INFO L290 TraceCheckUtils]: 5: Hoare triple {46654#(<= 0 |~#list~0.offset|)} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {46654#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:27,825 INFO L272 TraceCheckUtils]: 6: Hoare triple {46654#(<= 0 |~#list~0.offset|)} call main_#t~ret23#1 := rand_end_point(); {46652#true} is VALID [2022-02-20 23:45:27,825 INFO L290 TraceCheckUtils]: 7: Hoare triple {46652#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {46652#true} is VALID [2022-02-20 23:45:27,826 INFO L290 TraceCheckUtils]: 8: Hoare triple {46652#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {46662#(<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|)} is VALID [2022-02-20 23:45:27,826 INFO L290 TraceCheckUtils]: 9: Hoare triple {46662#(<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|)} assume true; {46662#(<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|)} is VALID [2022-02-20 23:45:27,826 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {46662#(<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|)} {46654#(<= 0 |~#list~0.offset|)} #259#return; {46659#(and (<= 0 |~#list~0.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_main_#t~ret23#1|))} is VALID [2022-02-20 23:45:27,827 INFO L290 TraceCheckUtils]: 11: Hoare triple {46659#(and (<= 0 |~#list~0.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_main_#t~ret23#1|))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,828 INFO L290 TraceCheckUtils]: 12: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,828 INFO L290 TraceCheckUtils]: 13: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,829 INFO L290 TraceCheckUtils]: 14: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,829 INFO L290 TraceCheckUtils]: 15: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,829 INFO L290 TraceCheckUtils]: 16: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_NEXT;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_PREV; {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,830 INFO L290 TraceCheckUtils]: 17: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} havoc create_item_#t~switch6#1; {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,830 INFO L290 TraceCheckUtils]: 18: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} SUMMARY for call write~$Pointer$(create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1, 4); srcloc: L681 {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,831 INFO L290 TraceCheckUtils]: 19: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} SUMMARY for call write~$Pointer$(0, 0, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1, 4); srcloc: L681-1 {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,832 INFO L290 TraceCheckUtils]: 20: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} SUMMARY for call write~int(0, create_item_~item~0#1.base, 8 + create_item_~item~0#1.offset, 1); srcloc: L682 {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,832 INFO L290 TraceCheckUtils]: 21: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} create_item_~head~0#1.base, create_item_~head~0#1.offset := create_item_~item~0#1.base, create_item_~item~0#1.offset; {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,833 INFO L290 TraceCheckUtils]: 22: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} assume !(create_item_~link#1.base != 0 || create_item_~link#1.offset != 0); {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,833 INFO L290 TraceCheckUtils]: 23: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} create_item_#res#1.base, create_item_#res#1.offset := create_item_~head~0#1.base, create_item_~head~0#1.offset; {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,833 INFO L290 TraceCheckUtils]: 24: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset := create_item_#res#1.base, create_item_#res#1.offset;assume { :end_inline_create_item } true;append_one_~item~1#1.base, append_one_~item~1#1.offset := append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset; {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} is VALID [2022-02-20 23:45:27,839 INFO L290 TraceCheckUtils]: 25: Hoare triple {46660#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|))} SUMMARY for call write~$Pointer$(append_one_~item~1#1.base, append_one_~item~1#1.offset, append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L692 {46661#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= (+ |ULTIMATE.start_append_one_~list#1.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |ULTIMATE.start_append_one_~list#1.base|)))} is VALID [2022-02-20 23:45:27,839 INFO L290 TraceCheckUtils]: 26: Hoare triple {46661#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= (+ |ULTIMATE.start_append_one_~list#1.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |ULTIMATE.start_append_one_~list#1.base|)))} assume !(4 + (append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG) <= #length[append_one_~list#1.base] && 0 <= append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG); {46653#false} is VALID [2022-02-20 23:45:27,839 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:27,840 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:27,840 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [734592125] [2022-02-20 23:45:27,840 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [734592125] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:27,840 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:27,840 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:45:27,840 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2060133964] [2022-02-20 23:45:27,840 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:27,841 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2022-02-20 23:45:27,841 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:27,841 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:27,861 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 27 edges. 27 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:27,861 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:45:27,862 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:27,862 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:45:27,862 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:45:27,862 INFO L87 Difference]: Start difference. First operand 405 states and 551 transitions. Second operand has 7 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:28,527 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:28,527 INFO L93 Difference]: Finished difference Result 442 states and 562 transitions. [2022-02-20 23:45:28,528 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:45:28,528 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2022-02-20 23:45:28,528 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:28,528 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:28,529 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 248 transitions. [2022-02-20 23:45:28,529 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:28,530 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 248 transitions. [2022-02-20 23:45:28,530 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 248 transitions. [2022-02-20 23:45:28,705 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 248 edges. 248 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:28,712 INFO L225 Difference]: With dead ends: 442 [2022-02-20 23:45:28,712 INFO L226 Difference]: Without dead ends: 442 [2022-02-20 23:45:28,712 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=34, Invalid=76, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:45:28,712 INFO L933 BasicCegarLoop]: 186 mSDtfsCounter, 424 mSDsluCounter, 540 mSDsCounter, 0 mSdLazyCounter, 149 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 426 SdHoareTripleChecker+Valid, 726 SdHoareTripleChecker+Invalid, 160 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 149 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:28,712 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [426 Valid, 726 Invalid, 160 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 149 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:28,713 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 442 states. [2022-02-20 23:45:28,717 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 442 to 403. [2022-02-20 23:45:28,717 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:28,718 INFO L82 GeneralOperation]: Start isEquivalent. First operand 442 states. Second operand has 403 states, 339 states have (on average 1.5162241887905605) internal successors, (514), 381 states have internal predecessors, (514), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:28,718 INFO L74 IsIncluded]: Start isIncluded. First operand 442 states. Second operand has 403 states, 339 states have (on average 1.5162241887905605) internal successors, (514), 381 states have internal predecessors, (514), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:28,719 INFO L87 Difference]: Start difference. First operand 442 states. Second operand has 403 states, 339 states have (on average 1.5162241887905605) internal successors, (514), 381 states have internal predecessors, (514), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:28,728 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:28,729 INFO L93 Difference]: Finished difference Result 442 states and 562 transitions. [2022-02-20 23:45:28,729 INFO L276 IsEmpty]: Start isEmpty. Operand 442 states and 562 transitions. [2022-02-20 23:45:28,729 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:28,729 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:28,730 INFO L74 IsIncluded]: Start isIncluded. First operand has 403 states, 339 states have (on average 1.5162241887905605) internal successors, (514), 381 states have internal predecessors, (514), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) Second operand 442 states. [2022-02-20 23:45:28,730 INFO L87 Difference]: Start difference. First operand has 403 states, 339 states have (on average 1.5162241887905605) internal successors, (514), 381 states have internal predecessors, (514), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) Second operand 442 states. [2022-02-20 23:45:28,741 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:28,741 INFO L93 Difference]: Finished difference Result 442 states and 562 transitions. [2022-02-20 23:45:28,741 INFO L276 IsEmpty]: Start isEmpty. Operand 442 states and 562 transitions. [2022-02-20 23:45:28,742 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:28,742 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:28,742 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:28,742 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:28,742 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 403 states, 339 states have (on average 1.5162241887905605) internal successors, (514), 381 states have internal predecessors, (514), 11 states have call successors, (11), 5 states have call predecessors, (11), 10 states have return successors, (22), 16 states have call predecessors, (22), 11 states have call successors, (22) [2022-02-20 23:45:28,751 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 403 states to 403 states and 547 transitions. [2022-02-20 23:45:28,751 INFO L78 Accepts]: Start accepts. Automaton has 403 states and 547 transitions. Word has length 27 [2022-02-20 23:45:28,751 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:28,751 INFO L470 AbstractCegarLoop]: Abstraction has 403 states and 547 transitions. [2022-02-20 23:45:28,752 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:28,752 INFO L276 IsEmpty]: Start isEmpty. Operand 403 states and 547 transitions. [2022-02-20 23:45:28,752 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-02-20 23:45:28,752 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:28,752 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:28,752 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable27 [2022-02-20 23:45:28,753 INFO L402 AbstractCegarLoop]: === Iteration 29 === Targeting ULTIMATE.startErr34ASSERT_VIOLATIONMEMORY_FREE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:28,753 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:28,753 INFO L85 PathProgramCache]: Analyzing trace with hash 2105231472, now seen corresponding path program 1 times [2022-02-20 23:45:28,753 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:28,753 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [727198461] [2022-02-20 23:45:28,753 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:28,754 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:28,769 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:28,830 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:28,832 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:28,835 INFO L290 TraceCheckUtils]: 0: Hoare triple {48402#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {48402#true} is VALID [2022-02-20 23:45:28,835 INFO L290 TraceCheckUtils]: 1: Hoare triple {48402#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {48402#true} is VALID [2022-02-20 23:45:28,835 INFO L290 TraceCheckUtils]: 2: Hoare triple {48402#true} assume true; {48402#true} is VALID [2022-02-20 23:45:28,836 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {48402#true} {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} #261#return; {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:28,836 INFO L290 TraceCheckUtils]: 0: Hoare triple {48402#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:28,837 INFO L290 TraceCheckUtils]: 1: Hoare triple {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:28,837 INFO L290 TraceCheckUtils]: 2: Hoare triple {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:28,838 INFO L290 TraceCheckUtils]: 3: Hoare triple {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:28,838 INFO L290 TraceCheckUtils]: 4: Hoare triple {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:28,839 INFO L290 TraceCheckUtils]: 5: Hoare triple {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:28,839 INFO L290 TraceCheckUtils]: 6: Hoare triple {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:28,840 INFO L290 TraceCheckUtils]: 7: Hoare triple {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:28,840 INFO L272 TraceCheckUtils]: 8: Hoare triple {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} call main_#t~ret25#1 := rand_end_point(); {48402#true} is VALID [2022-02-20 23:45:28,840 INFO L290 TraceCheckUtils]: 9: Hoare triple {48402#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {48402#true} is VALID [2022-02-20 23:45:28,840 INFO L290 TraceCheckUtils]: 10: Hoare triple {48402#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {48402#true} is VALID [2022-02-20 23:45:28,840 INFO L290 TraceCheckUtils]: 11: Hoare triple {48402#true} assume true; {48402#true} is VALID [2022-02-20 23:45:28,841 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {48402#true} {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} #261#return; {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:28,841 INFO L290 TraceCheckUtils]: 13: Hoare triple {48404#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,842 INFO L290 TraceCheckUtils]: 14: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,842 INFO L290 TraceCheckUtils]: 15: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,843 INFO L290 TraceCheckUtils]: 16: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,844 INFO L290 TraceCheckUtils]: 17: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,844 INFO L290 TraceCheckUtils]: 18: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} assume !(is_empty_~no_beg~0#1 != is_empty_~no_end~0#1); {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,845 INFO L290 TraceCheckUtils]: 19: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is_empty_#res#1 := is_empty_~no_beg~0#1; {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,845 INFO L290 TraceCheckUtils]: 20: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} remove_one_#t~ret11#1 := is_empty_#res#1;assume { :end_inline_is_empty } true;assume -2147483648 <= remove_one_#t~ret11#1 && remove_one_#t~ret11#1 <= 2147483647; {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,845 INFO L290 TraceCheckUtils]: 21: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} assume !(0 != remove_one_#t~ret11#1);havoc remove_one_#t~ret11#1; {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,846 INFO L290 TraceCheckUtils]: 22: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L702 {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,847 INFO L290 TraceCheckUtils]: 23: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L702-1 {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,851 INFO L290 TraceCheckUtils]: 24: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} assume remove_one_#t~mem12#1.base == remove_one_#t~mem13#1.base && remove_one_#t~mem12#1.offset == remove_one_#t~mem13#1.offset;havoc remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset;havoc remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset; {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:28,852 INFO L290 TraceCheckUtils]: 25: Hoare triple {48409#(and (<= 1 |#StackHeapBarrier|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L703 {48410#(and (= |ULTIMATE.start_remove_one_#t~mem14#1.base| 0) (<= 1 |#StackHeapBarrier|))} is VALID [2022-02-20 23:45:28,852 INFO L290 TraceCheckUtils]: 26: Hoare triple {48410#(and (= |ULTIMATE.start_remove_one_#t~mem14#1.base| 0) (<= 1 |#StackHeapBarrier|))} assume 0 == remove_one_#t~mem14#1.offset; {48410#(and (= |ULTIMATE.start_remove_one_#t~mem14#1.base| 0) (<= 1 |#StackHeapBarrier|))} is VALID [2022-02-20 23:45:28,853 INFO L290 TraceCheckUtils]: 27: Hoare triple {48410#(and (= |ULTIMATE.start_remove_one_#t~mem14#1.base| 0) (<= 1 |#StackHeapBarrier|))} assume !(remove_one_#t~mem14#1.base < #StackHeapBarrier); {48403#false} is VALID [2022-02-20 23:45:28,853 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:28,853 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:28,853 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [727198461] [2022-02-20 23:45:28,854 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [727198461] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:28,854 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:28,854 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-02-20 23:45:28,854 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1820134296] [2022-02-20 23:45:28,854 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:28,854 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 6.5) internal successors, (26), 5 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2022-02-20 23:45:28,855 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:28,855 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 4 states have (on average 6.5) internal successors, (26), 5 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:28,878 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 28 edges. 28 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:28,878 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:45:28,878 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:28,879 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:45:28,879 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:45:28,879 INFO L87 Difference]: Start difference. First operand 403 states and 547 transitions. Second operand has 5 states, 4 states have (on average 6.5) internal successors, (26), 5 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:29,426 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:29,427 INFO L93 Difference]: Finished difference Result 528 states and 692 transitions. [2022-02-20 23:45:29,427 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-02-20 23:45:29,427 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 6.5) internal successors, (26), 5 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2022-02-20 23:45:29,427 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:29,427 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 6.5) internal successors, (26), 5 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:29,428 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 277 transitions. [2022-02-20 23:45:29,428 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 4 states have (on average 6.5) internal successors, (26), 5 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:29,429 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 277 transitions. [2022-02-20 23:45:29,429 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 5 states and 277 transitions. [2022-02-20 23:45:29,616 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 277 edges. 277 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:29,625 INFO L225 Difference]: With dead ends: 528 [2022-02-20 23:45:29,625 INFO L226 Difference]: Without dead ends: 528 [2022-02-20 23:45:29,625 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:45:29,625 INFO L933 BasicCegarLoop]: 153 mSDtfsCounter, 178 mSDsluCounter, 348 mSDsCounter, 0 mSdLazyCounter, 177 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 178 SdHoareTripleChecker+Valid, 501 SdHoareTripleChecker+Invalid, 186 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 177 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:29,626 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [178 Valid, 501 Invalid, 186 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 177 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:29,626 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 528 states. [2022-02-20 23:45:29,631 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 528 to 441. [2022-02-20 23:45:29,631 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:29,632 INFO L82 GeneralOperation]: Start isEquivalent. First operand 528 states. Second operand has 441 states, 373 states have (on average 1.5120643431635388) internal successors, (564), 417 states have internal predecessors, (564), 13 states have call successors, (13), 6 states have call predecessors, (13), 12 states have return successors, (26), 17 states have call predecessors, (26), 13 states have call successors, (26) [2022-02-20 23:45:29,632 INFO L74 IsIncluded]: Start isIncluded. First operand 528 states. Second operand has 441 states, 373 states have (on average 1.5120643431635388) internal successors, (564), 417 states have internal predecessors, (564), 13 states have call successors, (13), 6 states have call predecessors, (13), 12 states have return successors, (26), 17 states have call predecessors, (26), 13 states have call successors, (26) [2022-02-20 23:45:29,632 INFO L87 Difference]: Start difference. First operand 528 states. Second operand has 441 states, 373 states have (on average 1.5120643431635388) internal successors, (564), 417 states have internal predecessors, (564), 13 states have call successors, (13), 6 states have call predecessors, (13), 12 states have return successors, (26), 17 states have call predecessors, (26), 13 states have call successors, (26) [2022-02-20 23:45:29,646 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:29,646 INFO L93 Difference]: Finished difference Result 528 states and 692 transitions. [2022-02-20 23:45:29,646 INFO L276 IsEmpty]: Start isEmpty. Operand 528 states and 692 transitions. [2022-02-20 23:45:29,647 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:29,647 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:29,648 INFO L74 IsIncluded]: Start isIncluded. First operand has 441 states, 373 states have (on average 1.5120643431635388) internal successors, (564), 417 states have internal predecessors, (564), 13 states have call successors, (13), 6 states have call predecessors, (13), 12 states have return successors, (26), 17 states have call predecessors, (26), 13 states have call successors, (26) Second operand 528 states. [2022-02-20 23:45:29,648 INFO L87 Difference]: Start difference. First operand has 441 states, 373 states have (on average 1.5120643431635388) internal successors, (564), 417 states have internal predecessors, (564), 13 states have call successors, (13), 6 states have call predecessors, (13), 12 states have return successors, (26), 17 states have call predecessors, (26), 13 states have call successors, (26) Second operand 528 states. [2022-02-20 23:45:29,662 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:29,662 INFO L93 Difference]: Finished difference Result 528 states and 692 transitions. [2022-02-20 23:45:29,662 INFO L276 IsEmpty]: Start isEmpty. Operand 528 states and 692 transitions. [2022-02-20 23:45:29,663 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:29,663 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:29,663 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:29,663 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:29,664 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 441 states, 373 states have (on average 1.5120643431635388) internal successors, (564), 417 states have internal predecessors, (564), 13 states have call successors, (13), 6 states have call predecessors, (13), 12 states have return successors, (26), 17 states have call predecessors, (26), 13 states have call successors, (26) [2022-02-20 23:45:29,681 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 441 states to 441 states and 603 transitions. [2022-02-20 23:45:29,682 INFO L78 Accepts]: Start accepts. Automaton has 441 states and 603 transitions. Word has length 28 [2022-02-20 23:45:29,682 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:29,682 INFO L470 AbstractCegarLoop]: Abstraction has 441 states and 603 transitions. [2022-02-20 23:45:29,682 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 6.5) internal successors, (26), 5 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:29,682 INFO L276 IsEmpty]: Start isEmpty. Operand 441 states and 603 transitions. [2022-02-20 23:45:29,683 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-02-20 23:45:29,683 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:29,683 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:29,683 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable28 [2022-02-20 23:45:29,683 INFO L402 AbstractCegarLoop]: === Iteration 30 === Targeting ULTIMATE.startErr17REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:29,684 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:29,684 INFO L85 PathProgramCache]: Analyzing trace with hash -11312492, now seen corresponding path program 1 times [2022-02-20 23:45:29,684 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:29,684 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1577235176] [2022-02-20 23:45:29,684 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:29,684 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:29,705 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:29,826 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:29,827 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:29,830 INFO L290 TraceCheckUtils]: 0: Hoare triple {50442#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {50442#true} is VALID [2022-02-20 23:45:29,830 INFO L290 TraceCheckUtils]: 1: Hoare triple {50442#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {50442#true} is VALID [2022-02-20 23:45:29,830 INFO L290 TraceCheckUtils]: 2: Hoare triple {50442#true} assume true; {50442#true} is VALID [2022-02-20 23:45:29,830 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {50442#true} {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} #259#return; {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:29,831 INFO L290 TraceCheckUtils]: 0: Hoare triple {50442#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:29,832 INFO L290 TraceCheckUtils]: 1: Hoare triple {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:29,832 INFO L290 TraceCheckUtils]: 2: Hoare triple {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:29,833 INFO L290 TraceCheckUtils]: 3: Hoare triple {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:29,833 INFO L290 TraceCheckUtils]: 4: Hoare triple {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:29,834 INFO L290 TraceCheckUtils]: 5: Hoare triple {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:29,834 INFO L272 TraceCheckUtils]: 6: Hoare triple {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} call main_#t~ret23#1 := rand_end_point(); {50442#true} is VALID [2022-02-20 23:45:29,834 INFO L290 TraceCheckUtils]: 7: Hoare triple {50442#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {50442#true} is VALID [2022-02-20 23:45:29,834 INFO L290 TraceCheckUtils]: 8: Hoare triple {50442#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {50442#true} is VALID [2022-02-20 23:45:29,834 INFO L290 TraceCheckUtils]: 9: Hoare triple {50442#true} assume true; {50442#true} is VALID [2022-02-20 23:45:29,835 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {50442#true} {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} #259#return; {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} is VALID [2022-02-20 23:45:29,836 INFO L290 TraceCheckUtils]: 11: Hoare triple {50444#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8) (<= 0 |~#list~0.offset|) (<= |~#list~0.offset| 0))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {50449#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| 3) 8) (= 3 |ULTIMATE.start_append_one_~list#1.base|))} is VALID [2022-02-20 23:45:29,836 INFO L290 TraceCheckUtils]: 12: Hoare triple {50449#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| 3) 8) (= 3 |ULTIMATE.start_append_one_~list#1.base|))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {50450#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| 3) 8) (= (select |#valid| |ULTIMATE.start_append_one_~list#1.base|) 1) (= 3 |ULTIMATE.start_append_one_~list#1.base|))} is VALID [2022-02-20 23:45:29,837 INFO L290 TraceCheckUtils]: 13: Hoare triple {50450#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| 3) 8) (= (select |#valid| |ULTIMATE.start_append_one_~list#1.base|) 1) (= 3 |ULTIMATE.start_append_one_~list#1.base|))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,838 INFO L290 TraceCheckUtils]: 14: Hoare triple {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,839 INFO L290 TraceCheckUtils]: 15: Hoare triple {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,839 INFO L290 TraceCheckUtils]: 16: Hoare triple {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_NEXT;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_PREV; {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,840 INFO L290 TraceCheckUtils]: 17: Hoare triple {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} havoc create_item_#t~switch6#1; {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,840 INFO L290 TraceCheckUtils]: 18: Hoare triple {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} SUMMARY for call write~$Pointer$(create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1, 4); srcloc: L681 {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,841 INFO L290 TraceCheckUtils]: 19: Hoare triple {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} SUMMARY for call write~$Pointer$(0, 0, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1, 4); srcloc: L681-1 {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,842 INFO L290 TraceCheckUtils]: 20: Hoare triple {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} SUMMARY for call write~int(0, create_item_~item~0#1.base, 8 + create_item_~item~0#1.offset, 1); srcloc: L682 {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,842 INFO L290 TraceCheckUtils]: 21: Hoare triple {50451#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (not (= 3 |ULTIMATE.start_create_item_~item~0#1.base|)) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} create_item_~head~0#1.base, create_item_~head~0#1.offset := create_item_~item~0#1.base, create_item_~item~0#1.offset; {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,843 INFO L290 TraceCheckUtils]: 22: Hoare triple {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} assume !(create_item_~link#1.base != 0 || create_item_~link#1.offset != 0); {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,843 INFO L290 TraceCheckUtils]: 23: Hoare triple {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} create_item_#res#1.base, create_item_#res#1.offset := create_item_~head~0#1.base, create_item_~head~0#1.offset; {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,844 INFO L290 TraceCheckUtils]: 24: Hoare triple {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset := create_item_#res#1.base, create_item_#res#1.offset;assume { :end_inline_create_item } true;append_one_~item~1#1.base, append_one_~item~1#1.offset := append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset; {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,845 INFO L290 TraceCheckUtils]: 25: Hoare triple {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} SUMMARY for call write~$Pointer$(append_one_~item~1#1.base, append_one_~item~1#1.offset, append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L692 {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,845 INFO L290 TraceCheckUtils]: 26: Hoare triple {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} SUMMARY for call append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L692-1 {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,846 INFO L290 TraceCheckUtils]: 27: Hoare triple {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} assume !(0 == append_one_#t~mem9#1.base && 0 == append_one_#t~mem9#1.offset);havoc append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset; {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} is VALID [2022-02-20 23:45:29,846 INFO L290 TraceCheckUtils]: 28: Hoare triple {50452#(and (<= 0 |ULTIMATE.start_append_one_~list#1.offset|) (<= |ULTIMATE.start_append_one_~list#1.offset| 0) (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) 8))} assume !(4 + (append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END) <= #length[append_one_~list#1.base] && 0 <= append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END); {50443#false} is VALID [2022-02-20 23:45:29,847 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:29,847 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:29,847 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1577235176] [2022-02-20 23:45:29,847 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1577235176] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:29,847 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:29,847 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:45:29,848 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [367329931] [2022-02-20 23:45:29,848 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:29,848 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.5) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2022-02-20 23:45:29,848 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:29,848 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 4.5) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:29,877 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 29 edges. 29 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:29,877 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:45:29,877 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:29,877 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:45:29,877 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:45:29,878 INFO L87 Difference]: Start difference. First operand 441 states and 603 transitions. Second operand has 7 states, 6 states have (on average 4.5) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:30,912 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:30,913 INFO L93 Difference]: Finished difference Result 552 states and 688 transitions. [2022-02-20 23:45:30,913 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-02-20 23:45:30,913 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.5) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2022-02-20 23:45:30,913 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:30,914 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 4.5) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:30,916 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 350 transitions. [2022-02-20 23:45:30,916 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 4.5) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:30,918 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7 states to 7 states and 350 transitions. [2022-02-20 23:45:30,918 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 7 states and 350 transitions. [2022-02-20 23:45:31,262 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 350 edges. 350 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:31,272 INFO L225 Difference]: With dead ends: 552 [2022-02-20 23:45:31,272 INFO L226 Difference]: Without dead ends: 552 [2022-02-20 23:45:31,272 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=44, Invalid=66, Unknown=0, NotChecked=0, Total=110 [2022-02-20 23:45:31,272 INFO L933 BasicCegarLoop]: 149 mSDtfsCounter, 608 mSDsluCounter, 264 mSDsCounter, 0 mSdLazyCounter, 241 mSolverCounterSat, 26 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 608 SdHoareTripleChecker+Valid, 413 SdHoareTripleChecker+Invalid, 267 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 26 IncrementalHoareTripleChecker+Valid, 241 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:31,273 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [608 Valid, 413 Invalid, 267 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [26 Valid, 241 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:45:31,273 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 552 states. [2022-02-20 23:45:31,278 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 552 to 444. [2022-02-20 23:45:31,278 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:31,279 INFO L82 GeneralOperation]: Start isEquivalent. First operand 552 states. Second operand has 444 states, 377 states have (on average 1.5013262599469497) internal successors, (566), 418 states have internal predecessors, (566), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 19 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:31,279 INFO L74 IsIncluded]: Start isIncluded. First operand 552 states. Second operand has 444 states, 377 states have (on average 1.5013262599469497) internal successors, (566), 418 states have internal predecessors, (566), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 19 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:31,280 INFO L87 Difference]: Start difference. First operand 552 states. Second operand has 444 states, 377 states have (on average 1.5013262599469497) internal successors, (566), 418 states have internal predecessors, (566), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 19 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:31,292 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:31,292 INFO L93 Difference]: Finished difference Result 552 states and 688 transitions. [2022-02-20 23:45:31,292 INFO L276 IsEmpty]: Start isEmpty. Operand 552 states and 688 transitions. [2022-02-20 23:45:31,292 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:31,292 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:31,293 INFO L74 IsIncluded]: Start isIncluded. First operand has 444 states, 377 states have (on average 1.5013262599469497) internal successors, (566), 418 states have internal predecessors, (566), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 19 states have call predecessors, (28), 14 states have call successors, (28) Second operand 552 states. [2022-02-20 23:45:31,293 INFO L87 Difference]: Start difference. First operand has 444 states, 377 states have (on average 1.5013262599469497) internal successors, (566), 418 states have internal predecessors, (566), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 19 states have call predecessors, (28), 14 states have call successors, (28) Second operand 552 states. [2022-02-20 23:45:31,308 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:31,309 INFO L93 Difference]: Finished difference Result 552 states and 688 transitions. [2022-02-20 23:45:31,309 INFO L276 IsEmpty]: Start isEmpty. Operand 552 states and 688 transitions. [2022-02-20 23:45:31,310 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:31,310 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:31,310 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:31,310 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:31,310 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 444 states, 377 states have (on average 1.5013262599469497) internal successors, (566), 418 states have internal predecessors, (566), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 19 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:31,321 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 444 states to 444 states and 608 transitions. [2022-02-20 23:45:31,321 INFO L78 Accepts]: Start accepts. Automaton has 444 states and 608 transitions. Word has length 29 [2022-02-20 23:45:31,321 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:31,322 INFO L470 AbstractCegarLoop]: Abstraction has 444 states and 608 transitions. [2022-02-20 23:45:31,322 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 4.5) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:31,322 INFO L276 IsEmpty]: Start isEmpty. Operand 444 states and 608 transitions. [2022-02-20 23:45:31,322 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 23:45:31,322 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:31,322 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:31,323 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable29 [2022-02-20 23:45:31,323 INFO L402 AbstractCegarLoop]: === Iteration 31 === Targeting ULTIMATE.startErr39REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:31,323 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:31,323 INFO L85 PathProgramCache]: Analyzing trace with hash 880183511, now seen corresponding path program 1 times [2022-02-20 23:45:31,323 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:31,323 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1854026525] [2022-02-20 23:45:31,324 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:31,324 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:31,336 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:31,366 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:31,368 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:31,375 INFO L290 TraceCheckUtils]: 0: Hoare triple {52563#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {52563#true} is VALID [2022-02-20 23:45:31,375 INFO L290 TraceCheckUtils]: 1: Hoare triple {52563#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {52571#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,376 INFO L290 TraceCheckUtils]: 2: Hoare triple {52571#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} assume true; {52571#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,376 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {52571#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} {52563#true} #261#return; {52569#(<= |ULTIMATE.start_main_#t~ret25#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,376 INFO L290 TraceCheckUtils]: 0: Hoare triple {52563#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {52563#true} is VALID [2022-02-20 23:45:31,377 INFO L290 TraceCheckUtils]: 1: Hoare triple {52563#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {52563#true} is VALID [2022-02-20 23:45:31,377 INFO L290 TraceCheckUtils]: 2: Hoare triple {52563#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {52563#true} is VALID [2022-02-20 23:45:31,377 INFO L290 TraceCheckUtils]: 3: Hoare triple {52563#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {52563#true} is VALID [2022-02-20 23:45:31,377 INFO L290 TraceCheckUtils]: 4: Hoare triple {52563#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {52563#true} is VALID [2022-02-20 23:45:31,377 INFO L290 TraceCheckUtils]: 5: Hoare triple {52563#true} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {52563#true} is VALID [2022-02-20 23:45:31,377 INFO L290 TraceCheckUtils]: 6: Hoare triple {52563#true} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {52563#true} is VALID [2022-02-20 23:45:31,377 INFO L290 TraceCheckUtils]: 7: Hoare triple {52563#true} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {52563#true} is VALID [2022-02-20 23:45:31,378 INFO L272 TraceCheckUtils]: 8: Hoare triple {52563#true} call main_#t~ret25#1 := rand_end_point(); {52563#true} is VALID [2022-02-20 23:45:31,378 INFO L290 TraceCheckUtils]: 9: Hoare triple {52563#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {52563#true} is VALID [2022-02-20 23:45:31,378 INFO L290 TraceCheckUtils]: 10: Hoare triple {52563#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {52571#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,378 INFO L290 TraceCheckUtils]: 11: Hoare triple {52571#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} assume true; {52571#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,379 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {52571#(<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG)} {52563#true} #261#return; {52569#(<= |ULTIMATE.start_main_#t~ret25#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,379 INFO L290 TraceCheckUtils]: 13: Hoare triple {52569#(<= |ULTIMATE.start_main_#t~ret25#1| ~unnamed1~0~LIST_BEG)} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,380 INFO L290 TraceCheckUtils]: 14: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,380 INFO L290 TraceCheckUtils]: 15: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,380 INFO L290 TraceCheckUtils]: 16: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,381 INFO L290 TraceCheckUtils]: 17: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,381 INFO L290 TraceCheckUtils]: 18: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} assume !(is_empty_~no_beg~0#1 != is_empty_~no_end~0#1); {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,381 INFO L290 TraceCheckUtils]: 19: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is_empty_#res#1 := is_empty_~no_beg~0#1; {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,382 INFO L290 TraceCheckUtils]: 20: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} remove_one_#t~ret11#1 := is_empty_#res#1;assume { :end_inline_is_empty } true;assume -2147483648 <= remove_one_#t~ret11#1 && remove_one_#t~ret11#1 <= 2147483647; {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,382 INFO L290 TraceCheckUtils]: 21: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} assume !(0 != remove_one_#t~ret11#1);havoc remove_one_#t~ret11#1; {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,382 INFO L290 TraceCheckUtils]: 22: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} SUMMARY for call remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L702 {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,383 INFO L290 TraceCheckUtils]: 23: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} SUMMARY for call remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L702-1 {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,383 INFO L290 TraceCheckUtils]: 24: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} assume !(remove_one_#t~mem12#1.base == remove_one_#t~mem13#1.base && remove_one_#t~mem12#1.offset == remove_one_#t~mem13#1.offset);havoc remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset;havoc remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset; {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,383 INFO L290 TraceCheckUtils]: 25: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} assume ~unnamed1~0~LIST_BEG == remove_one_~from#1;remove_one_#t~ite16#1 := ~unnamed2~0~ITEM_NEXT; {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,384 INFO L290 TraceCheckUtils]: 26: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} remove_one_~next_field~0#1 := remove_one_#t~ite16#1;havoc remove_one_#t~ite16#1; {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} is VALID [2022-02-20 23:45:31,384 INFO L290 TraceCheckUtils]: 27: Hoare triple {52570#(<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG)} assume ~unnamed1~0~LIST_END == remove_one_~from#1;remove_one_#t~ite17#1 := ~unnamed2~0~ITEM_NEXT; {52564#false} is VALID [2022-02-20 23:45:31,384 INFO L290 TraceCheckUtils]: 28: Hoare triple {52564#false} remove_one_~term_field~1#1 := remove_one_#t~ite17#1;havoc remove_one_#t~ite17#1; {52564#false} is VALID [2022-02-20 23:45:31,384 INFO L290 TraceCheckUtils]: 29: Hoare triple {52564#false} assume !(4 + (remove_one_~list#1.offset + 4 * remove_one_~from#1) <= #length[remove_one_~list#1.base] && 0 <= remove_one_~list#1.offset + 4 * remove_one_~from#1); {52564#false} is VALID [2022-02-20 23:45:31,384 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:31,385 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:31,385 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1854026525] [2022-02-20 23:45:31,385 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1854026525] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:31,385 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:31,385 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:45:31,385 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [233506405] [2022-02-20 23:45:31,385 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:31,386 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 23:45:31,386 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:31,386 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:31,404 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:31,405 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:45:31,405 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:31,405 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:45:31,405 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:45:31,405 INFO L87 Difference]: Start difference. First operand 444 states and 608 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:31,847 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:31,847 INFO L93 Difference]: Finished difference Result 919 states and 1272 transitions. [2022-02-20 23:45:31,847 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:45:31,848 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 23:45:31,848 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:31,848 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:31,850 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 314 transitions. [2022-02-20 23:45:31,850 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:31,851 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 314 transitions. [2022-02-20 23:45:31,852 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 314 transitions. [2022-02-20 23:45:32,090 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 314 edges. 314 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:32,130 INFO L225 Difference]: With dead ends: 919 [2022-02-20 23:45:32,130 INFO L226 Difference]: Without dead ends: 919 [2022-02-20 23:45:32,130 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:45:32,131 INFO L933 BasicCegarLoop]: 201 mSDtfsCounter, 212 mSDsluCounter, 537 mSDsCounter, 0 mSdLazyCounter, 35 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 216 SdHoareTripleChecker+Valid, 738 SdHoareTripleChecker+Invalid, 36 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 35 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:32,131 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [216 Valid, 738 Invalid, 36 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 35 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:45:32,132 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 919 states. [2022-02-20 23:45:32,139 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 919 to 549. [2022-02-20 23:45:32,139 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:32,140 INFO L82 GeneralOperation]: Start isEquivalent. First operand 919 states. Second operand has 549 states, 482 states have (on average 1.5145228215767634) internal successors, (730), 516 states have internal predecessors, (730), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:32,140 INFO L74 IsIncluded]: Start isIncluded. First operand 919 states. Second operand has 549 states, 482 states have (on average 1.5145228215767634) internal successors, (730), 516 states have internal predecessors, (730), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:32,141 INFO L87 Difference]: Start difference. First operand 919 states. Second operand has 549 states, 482 states have (on average 1.5145228215767634) internal successors, (730), 516 states have internal predecessors, (730), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:32,180 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:32,181 INFO L93 Difference]: Finished difference Result 919 states and 1272 transitions. [2022-02-20 23:45:32,181 INFO L276 IsEmpty]: Start isEmpty. Operand 919 states and 1272 transitions. [2022-02-20 23:45:32,182 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:32,182 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:32,183 INFO L74 IsIncluded]: Start isIncluded. First operand has 549 states, 482 states have (on average 1.5145228215767634) internal successors, (730), 516 states have internal predecessors, (730), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) Second operand 919 states. [2022-02-20 23:45:32,184 INFO L87 Difference]: Start difference. First operand has 549 states, 482 states have (on average 1.5145228215767634) internal successors, (730), 516 states have internal predecessors, (730), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) Second operand 919 states. [2022-02-20 23:45:32,224 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:32,225 INFO L93 Difference]: Finished difference Result 919 states and 1272 transitions. [2022-02-20 23:45:32,225 INFO L276 IsEmpty]: Start isEmpty. Operand 919 states and 1272 transitions. [2022-02-20 23:45:32,226 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:32,226 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:32,226 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:32,227 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:32,228 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 549 states, 482 states have (on average 1.5145228215767634) internal successors, (730), 516 states have internal predecessors, (730), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:32,242 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 549 states to 549 states and 772 transitions. [2022-02-20 23:45:32,242 INFO L78 Accepts]: Start accepts. Automaton has 549 states and 772 transitions. Word has length 30 [2022-02-20 23:45:32,242 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:32,242 INFO L470 AbstractCegarLoop]: Abstraction has 549 states and 772 transitions. [2022-02-20 23:45:32,242 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:32,243 INFO L276 IsEmpty]: Start isEmpty. Operand 549 states and 772 transitions. [2022-02-20 23:45:32,243 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 23:45:32,243 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:32,243 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:32,243 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable30 [2022-02-20 23:45:32,244 INFO L402 AbstractCegarLoop]: === Iteration 32 === Targeting ULTIMATE.startErr39REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:32,244 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:32,244 INFO L85 PathProgramCache]: Analyzing trace with hash 880185433, now seen corresponding path program 1 times [2022-02-20 23:45:32,244 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:32,244 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [269424344] [2022-02-20 23:45:32,244 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:32,245 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:32,260 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:32,336 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:32,338 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:32,354 INFO L290 TraceCheckUtils]: 0: Hoare triple {55882#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {55882#true} is VALID [2022-02-20 23:45:32,355 INFO L290 TraceCheckUtils]: 1: Hoare triple {55882#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {55892#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:32,356 INFO L290 TraceCheckUtils]: 2: Hoare triple {55892#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} assume true; {55892#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:32,356 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {55892#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} {55882#true} #261#return; {55888#(and (<= |ULTIMATE.start_main_#t~ret25#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_main_#t~ret25#1|))} is VALID [2022-02-20 23:45:32,356 INFO L290 TraceCheckUtils]: 0: Hoare triple {55882#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {55882#true} is VALID [2022-02-20 23:45:32,357 INFO L290 TraceCheckUtils]: 1: Hoare triple {55882#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {55882#true} is VALID [2022-02-20 23:45:32,357 INFO L290 TraceCheckUtils]: 2: Hoare triple {55882#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {55882#true} is VALID [2022-02-20 23:45:32,357 INFO L290 TraceCheckUtils]: 3: Hoare triple {55882#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {55882#true} is VALID [2022-02-20 23:45:32,357 INFO L290 TraceCheckUtils]: 4: Hoare triple {55882#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {55882#true} is VALID [2022-02-20 23:45:32,357 INFO L290 TraceCheckUtils]: 5: Hoare triple {55882#true} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {55882#true} is VALID [2022-02-20 23:45:32,357 INFO L290 TraceCheckUtils]: 6: Hoare triple {55882#true} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {55882#true} is VALID [2022-02-20 23:45:32,357 INFO L290 TraceCheckUtils]: 7: Hoare triple {55882#true} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {55882#true} is VALID [2022-02-20 23:45:32,358 INFO L272 TraceCheckUtils]: 8: Hoare triple {55882#true} call main_#t~ret25#1 := rand_end_point(); {55882#true} is VALID [2022-02-20 23:45:32,358 INFO L290 TraceCheckUtils]: 9: Hoare triple {55882#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {55882#true} is VALID [2022-02-20 23:45:32,358 INFO L290 TraceCheckUtils]: 10: Hoare triple {55882#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {55892#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:32,359 INFO L290 TraceCheckUtils]: 11: Hoare triple {55892#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} assume true; {55892#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:32,359 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {55892#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} {55882#true} #261#return; {55888#(and (<= |ULTIMATE.start_main_#t~ret25#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_main_#t~ret25#1|))} is VALID [2022-02-20 23:45:32,360 INFO L290 TraceCheckUtils]: 13: Hoare triple {55888#(and (<= |ULTIMATE.start_main_#t~ret25#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_main_#t~ret25#1|))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:32,361 INFO L290 TraceCheckUtils]: 14: Hoare triple {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:32,361 INFO L290 TraceCheckUtils]: 15: Hoare triple {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:32,362 INFO L290 TraceCheckUtils]: 16: Hoare triple {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:32,362 INFO L290 TraceCheckUtils]: 17: Hoare triple {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:32,363 INFO L290 TraceCheckUtils]: 18: Hoare triple {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} assume !(is_empty_~no_beg~0#1 != is_empty_~no_end~0#1); {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:32,363 INFO L290 TraceCheckUtils]: 19: Hoare triple {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is_empty_#res#1 := is_empty_~no_beg~0#1; {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:32,363 INFO L290 TraceCheckUtils]: 20: Hoare triple {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} remove_one_#t~ret11#1 := is_empty_#res#1;assume { :end_inline_is_empty } true;assume -2147483648 <= remove_one_#t~ret11#1 && remove_one_#t~ret11#1 <= 2147483647; {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:32,364 INFO L290 TraceCheckUtils]: 21: Hoare triple {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} assume !(0 != remove_one_#t~ret11#1);havoc remove_one_#t~ret11#1; {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:32,365 INFO L290 TraceCheckUtils]: 22: Hoare triple {55889#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG) (<= ~unnamed1~0~LIST_BEG |ULTIMATE.start_remove_one_~from#1|))} SUMMARY for call remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L702 {55890#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:32,365 INFO L290 TraceCheckUtils]: 23: Hoare triple {55890#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_BEG))} SUMMARY for call remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L702-1 {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:32,366 INFO L290 TraceCheckUtils]: 24: Hoare triple {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} assume !(remove_one_#t~mem12#1.base == remove_one_#t~mem13#1.base && remove_one_#t~mem12#1.offset == remove_one_#t~mem13#1.offset);havoc remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset;havoc remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset; {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:32,366 INFO L290 TraceCheckUtils]: 25: Hoare triple {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} assume ~unnamed1~0~LIST_BEG == remove_one_~from#1;remove_one_#t~ite16#1 := ~unnamed2~0~ITEM_NEXT; {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:32,367 INFO L290 TraceCheckUtils]: 26: Hoare triple {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} remove_one_~next_field~0#1 := remove_one_#t~ite16#1;havoc remove_one_#t~ite16#1; {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:32,367 INFO L290 TraceCheckUtils]: 27: Hoare triple {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} assume !(~unnamed1~0~LIST_END == remove_one_~from#1);remove_one_#t~ite17#1 := ~unnamed2~0~ITEM_PREV; {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:32,368 INFO L290 TraceCheckUtils]: 28: Hoare triple {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} remove_one_~term_field~1#1 := remove_one_#t~ite17#1;havoc remove_one_#t~ite17#1; {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:32,369 INFO L290 TraceCheckUtils]: 29: Hoare triple {55891#(and (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4))) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4) (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (+ (select |#length| |ULTIMATE.start_remove_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} assume !(4 + (remove_one_~list#1.offset + 4 * remove_one_~from#1) <= #length[remove_one_~list#1.base] && 0 <= remove_one_~list#1.offset + 4 * remove_one_~from#1); {55883#false} is VALID [2022-02-20 23:45:32,369 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:32,369 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:32,369 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [269424344] [2022-02-20 23:45:32,369 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [269424344] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:32,369 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:32,370 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:45:32,370 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1144032606] [2022-02-20 23:45:32,370 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:32,370 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 23:45:32,370 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:32,371 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:32,400 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:32,400 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:45:32,400 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:32,401 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:45:32,401 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:45:32,401 INFO L87 Difference]: Start difference. First operand 549 states and 772 transitions. Second operand has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:33,481 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:33,481 INFO L93 Difference]: Finished difference Result 1117 states and 1535 transitions. [2022-02-20 23:45:33,481 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:45:33,481 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 23:45:33,481 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:33,481 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:33,484 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 426 transitions. [2022-02-20 23:45:33,484 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:33,487 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 426 transitions. [2022-02-20 23:45:33,487 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 426 transitions. [2022-02-20 23:45:33,792 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 426 edges. 426 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:33,826 INFO L225 Difference]: With dead ends: 1117 [2022-02-20 23:45:33,826 INFO L226 Difference]: Without dead ends: 1117 [2022-02-20 23:45:33,827 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=42, Invalid=90, Unknown=0, NotChecked=0, Total=132 [2022-02-20 23:45:33,827 INFO L933 BasicCegarLoop]: 228 mSDtfsCounter, 458 mSDsluCounter, 982 mSDsCounter, 0 mSdLazyCounter, 190 mSolverCounterSat, 26 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 462 SdHoareTripleChecker+Valid, 1210 SdHoareTripleChecker+Invalid, 216 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 26 IncrementalHoareTripleChecker+Valid, 190 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:33,827 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [462 Valid, 1210 Invalid, 216 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [26 Valid, 190 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:45:33,829 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1117 states. [2022-02-20 23:45:33,838 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1117 to 587. [2022-02-20 23:45:33,838 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:33,839 INFO L82 GeneralOperation]: Start isEquivalent. First operand 1117 states. Second operand has 587 states, 520 states have (on average 1.5096153846153846) internal successors, (785), 554 states have internal predecessors, (785), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:33,840 INFO L74 IsIncluded]: Start isIncluded. First operand 1117 states. Second operand has 587 states, 520 states have (on average 1.5096153846153846) internal successors, (785), 554 states have internal predecessors, (785), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:33,840 INFO L87 Difference]: Start difference. First operand 1117 states. Second operand has 587 states, 520 states have (on average 1.5096153846153846) internal successors, (785), 554 states have internal predecessors, (785), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:33,893 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:33,894 INFO L93 Difference]: Finished difference Result 1117 states and 1535 transitions. [2022-02-20 23:45:33,894 INFO L276 IsEmpty]: Start isEmpty. Operand 1117 states and 1535 transitions. [2022-02-20 23:45:33,896 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:33,896 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:33,897 INFO L74 IsIncluded]: Start isIncluded. First operand has 587 states, 520 states have (on average 1.5096153846153846) internal successors, (785), 554 states have internal predecessors, (785), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) Second operand 1117 states. [2022-02-20 23:45:33,898 INFO L87 Difference]: Start difference. First operand has 587 states, 520 states have (on average 1.5096153846153846) internal successors, (785), 554 states have internal predecessors, (785), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) Second operand 1117 states. [2022-02-20 23:45:33,962 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:33,962 INFO L93 Difference]: Finished difference Result 1117 states and 1535 transitions. [2022-02-20 23:45:33,962 INFO L276 IsEmpty]: Start isEmpty. Operand 1117 states and 1535 transitions. [2022-02-20 23:45:33,964 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:33,964 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:33,964 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:33,964 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:33,965 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 587 states, 520 states have (on average 1.5096153846153846) internal successors, (785), 554 states have internal predecessors, (785), 14 states have call successors, (14), 6 states have call predecessors, (14), 12 states have return successors, (28), 26 states have call predecessors, (28), 14 states have call successors, (28) [2022-02-20 23:45:33,981 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 587 states to 587 states and 827 transitions. [2022-02-20 23:45:33,982 INFO L78 Accepts]: Start accepts. Automaton has 587 states and 827 transitions. Word has length 30 [2022-02-20 23:45:33,982 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:33,982 INFO L470 AbstractCegarLoop]: Abstraction has 587 states and 827 transitions. [2022-02-20 23:45:33,982 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:33,982 INFO L276 IsEmpty]: Start isEmpty. Operand 587 states and 827 transitions. [2022-02-20 23:45:33,983 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 23:45:33,983 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:33,983 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:33,983 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable31 [2022-02-20 23:45:33,983 INFO L402 AbstractCegarLoop]: === Iteration 33 === Targeting ULTIMATE.startErr36ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:33,984 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:33,984 INFO L85 PathProgramCache]: Analyzing trace with hash 197854354, now seen corresponding path program 1 times [2022-02-20 23:45:33,984 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:33,984 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1672306432] [2022-02-20 23:45:33,984 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:33,984 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:34,003 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:34,093 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:34,095 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:34,111 INFO L290 TraceCheckUtils]: 0: Hoare triple {59845#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {59845#true} is VALID [2022-02-20 23:45:34,111 INFO L290 TraceCheckUtils]: 1: Hoare triple {59845#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {59845#true} is VALID [2022-02-20 23:45:34,111 INFO L290 TraceCheckUtils]: 2: Hoare triple {59845#true} assume true; {59845#true} is VALID [2022-02-20 23:45:34,113 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {59845#true} {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} #261#return; {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,113 INFO L290 TraceCheckUtils]: 0: Hoare triple {59845#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,114 INFO L290 TraceCheckUtils]: 1: Hoare triple {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,114 INFO L290 TraceCheckUtils]: 2: Hoare triple {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,115 INFO L290 TraceCheckUtils]: 3: Hoare triple {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,115 INFO L290 TraceCheckUtils]: 4: Hoare triple {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,116 INFO L290 TraceCheckUtils]: 5: Hoare triple {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,116 INFO L290 TraceCheckUtils]: 6: Hoare triple {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,117 INFO L290 TraceCheckUtils]: 7: Hoare triple {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,117 INFO L272 TraceCheckUtils]: 8: Hoare triple {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} call main_#t~ret25#1 := rand_end_point(); {59845#true} is VALID [2022-02-20 23:45:34,117 INFO L290 TraceCheckUtils]: 9: Hoare triple {59845#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {59845#true} is VALID [2022-02-20 23:45:34,117 INFO L290 TraceCheckUtils]: 10: Hoare triple {59845#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {59845#true} is VALID [2022-02-20 23:45:34,117 INFO L290 TraceCheckUtils]: 11: Hoare triple {59845#true} assume true; {59845#true} is VALID [2022-02-20 23:45:34,117 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {59845#true} {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} #261#return; {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,118 INFO L290 TraceCheckUtils]: 13: Hoare triple {59847#(and (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) 0) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= (select |#valid| 3) 1))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,119 INFO L290 TraceCheckUtils]: 14: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,119 INFO L290 TraceCheckUtils]: 15: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,120 INFO L290 TraceCheckUtils]: 16: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,120 INFO L290 TraceCheckUtils]: 17: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,121 INFO L290 TraceCheckUtils]: 18: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} assume !(is_empty_~no_beg~0#1 != is_empty_~no_end~0#1); {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,121 INFO L290 TraceCheckUtils]: 19: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is_empty_#res#1 := is_empty_~no_beg~0#1; {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,122 INFO L290 TraceCheckUtils]: 20: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} remove_one_#t~ret11#1 := is_empty_#res#1;assume { :end_inline_is_empty } true;assume -2147483648 <= remove_one_#t~ret11#1 && remove_one_#t~ret11#1 <= 2147483647; {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,122 INFO L290 TraceCheckUtils]: 21: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} assume !(0 != remove_one_#t~ret11#1);havoc remove_one_#t~ret11#1; {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,123 INFO L290 TraceCheckUtils]: 22: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L702 {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,123 INFO L290 TraceCheckUtils]: 23: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L702-1 {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,124 INFO L290 TraceCheckUtils]: 24: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} assume remove_one_#t~mem12#1.base == remove_one_#t~mem13#1.base && remove_one_#t~mem12#1.offset == remove_one_#t~mem13#1.offset;havoc remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset;havoc remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset; {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} is VALID [2022-02-20 23:45:34,124 INFO L290 TraceCheckUtils]: 25: Hoare triple {59852#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) 0))} SUMMARY for call remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L703 {59853#(and (not (= |ULTIMATE.start_remove_one_#t~mem14#1.base| 3)) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,125 INFO L290 TraceCheckUtils]: 26: Hoare triple {59853#(and (not (= |ULTIMATE.start_remove_one_#t~mem14#1.base| 3)) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1))} assume 0 == remove_one_#t~mem14#1.offset; {59853#(and (not (= |ULTIMATE.start_remove_one_#t~mem14#1.base| 3)) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,125 INFO L290 TraceCheckUtils]: 27: Hoare triple {59853#(and (not (= |ULTIMATE.start_remove_one_#t~mem14#1.base| 3)) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1))} assume remove_one_#t~mem14#1.base < #StackHeapBarrier; {59853#(and (not (= |ULTIMATE.start_remove_one_#t~mem14#1.base| 3)) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1))} is VALID [2022-02-20 23:45:34,126 INFO L290 TraceCheckUtils]: 28: Hoare triple {59853#(and (not (= |ULTIMATE.start_remove_one_#t~mem14#1.base| 3)) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#valid| 3) 1))} assume 0 == remove_one_#t~mem14#1.base || 1 == #valid[remove_one_#t~mem14#1.base];call ULTIMATE.dealloc(remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset);havoc remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset;assume { :begin_inline_#Ultimate.C_memset } true;#Ultimate.C_memset_#ptr#1.base, #Ultimate.C_memset_#ptr#1.offset, #Ultimate.C_memset_#value#1, #Ultimate.C_memset_#amount#1 := remove_one_~list#1.base, remove_one_~list#1.offset, 0, 8; {59854#(= (select |#valid| |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.base|) 1)} is VALID [2022-02-20 23:45:34,126 INFO L290 TraceCheckUtils]: 29: Hoare triple {59854#(= (select |#valid| |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.base|) 1)} assume !(1 == #valid[#Ultimate.C_memset_#ptr#1.base]); {59846#false} is VALID [2022-02-20 23:45:34,126 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:34,126 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:34,127 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1672306432] [2022-02-20 23:45:34,127 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1672306432] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:34,127 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:34,127 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:45:34,127 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [679960905] [2022-02-20 23:45:34,127 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:34,127 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 5.6) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 23:45:34,127 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:34,128 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 5 states have (on average 5.6) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:34,151 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:34,151 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:45:34,151 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:34,153 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:45:34,153 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:45:34,153 INFO L87 Difference]: Start difference. First operand 587 states and 827 transitions. Second operand has 6 states, 5 states have (on average 5.6) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:35,454 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:35,454 INFO L93 Difference]: Finished difference Result 1044 states and 1446 transitions. [2022-02-20 23:45:35,454 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-02-20 23:45:35,455 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 5.6) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 23:45:35,455 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:35,455 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 5.6) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:35,460 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 463 transitions. [2022-02-20 23:45:35,460 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 5 states have (on average 5.6) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:35,462 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8 states to 8 states and 463 transitions. [2022-02-20 23:45:35,463 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 8 states and 463 transitions. [2022-02-20 23:45:35,777 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 463 edges. 463 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:35,807 INFO L225 Difference]: With dead ends: 1044 [2022-02-20 23:45:35,807 INFO L226 Difference]: Without dead ends: 1044 [2022-02-20 23:45:35,807 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=34, Invalid=56, Unknown=0, NotChecked=0, Total=90 [2022-02-20 23:45:35,807 INFO L933 BasicCegarLoop]: 206 mSDtfsCounter, 375 mSDsluCounter, 594 mSDsCounter, 0 mSdLazyCounter, 499 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 377 SdHoareTripleChecker+Valid, 800 SdHoareTripleChecker+Invalid, 527 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 499 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:35,808 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [377 Valid, 800 Invalid, 527 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 499 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-02-20 23:45:35,811 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1044 states. [2022-02-20 23:45:35,817 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1044 to 630. [2022-02-20 23:45:35,817 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:35,818 INFO L82 GeneralOperation]: Start isEquivalent. First operand 1044 states. Second operand has 630 states, 559 states have (on average 1.4901610017889089) internal successors, (833), 594 states have internal predecessors, (833), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:35,818 INFO L74 IsIncluded]: Start isIncluded. First operand 1044 states. Second operand has 630 states, 559 states have (on average 1.4901610017889089) internal successors, (833), 594 states have internal predecessors, (833), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:35,819 INFO L87 Difference]: Start difference. First operand 1044 states. Second operand has 630 states, 559 states have (on average 1.4901610017889089) internal successors, (833), 594 states have internal predecessors, (833), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:35,854 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:35,854 INFO L93 Difference]: Finished difference Result 1044 states and 1446 transitions. [2022-02-20 23:45:35,854 INFO L276 IsEmpty]: Start isEmpty. Operand 1044 states and 1446 transitions. [2022-02-20 23:45:35,855 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:35,855 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:35,855 INFO L74 IsIncluded]: Start isIncluded. First operand has 630 states, 559 states have (on average 1.4901610017889089) internal successors, (833), 594 states have internal predecessors, (833), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) Second operand 1044 states. [2022-02-20 23:45:35,856 INFO L87 Difference]: Start difference. First operand has 630 states, 559 states have (on average 1.4901610017889089) internal successors, (833), 594 states have internal predecessors, (833), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) Second operand 1044 states. [2022-02-20 23:45:35,904 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:35,904 INFO L93 Difference]: Finished difference Result 1044 states and 1446 transitions. [2022-02-20 23:45:35,904 INFO L276 IsEmpty]: Start isEmpty. Operand 1044 states and 1446 transitions. [2022-02-20 23:45:35,906 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:35,906 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:35,906 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:35,906 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:35,907 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 630 states, 559 states have (on average 1.4901610017889089) internal successors, (833), 594 states have internal predecessors, (833), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:35,925 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 630 states to 630 states and 881 transitions. [2022-02-20 23:45:35,925 INFO L78 Accepts]: Start accepts. Automaton has 630 states and 881 transitions. Word has length 30 [2022-02-20 23:45:35,925 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:35,925 INFO L470 AbstractCegarLoop]: Abstraction has 630 states and 881 transitions. [2022-02-20 23:45:35,926 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 5.6) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:35,926 INFO L276 IsEmpty]: Start isEmpty. Operand 630 states and 881 transitions. [2022-02-20 23:45:35,926 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 23:45:35,926 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:35,926 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:35,926 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable32 [2022-02-20 23:45:35,927 INFO L402 AbstractCegarLoop]: === Iteration 34 === Targeting ULTIMATE.startErr39REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:35,927 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:35,927 INFO L85 PathProgramCache]: Analyzing trace with hash 471361208, now seen corresponding path program 1 times [2022-02-20 23:45:35,927 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:35,927 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1730407703] [2022-02-20 23:45:35,928 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:35,928 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:35,940 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:35,972 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:35,974 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:35,983 INFO L290 TraceCheckUtils]: 0: Hoare triple {63627#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {63627#true} is VALID [2022-02-20 23:45:35,984 INFO L290 TraceCheckUtils]: 1: Hoare triple {63627#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {63635#(<= ~unnamed1~0~LIST_END |rand_end_point_#res|)} is VALID [2022-02-20 23:45:35,984 INFO L290 TraceCheckUtils]: 2: Hoare triple {63635#(<= ~unnamed1~0~LIST_END |rand_end_point_#res|)} assume true; {63635#(<= ~unnamed1~0~LIST_END |rand_end_point_#res|)} is VALID [2022-02-20 23:45:35,984 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {63635#(<= ~unnamed1~0~LIST_END |rand_end_point_#res|)} {63627#true} #261#return; {63633#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_main_#t~ret25#1|)} is VALID [2022-02-20 23:45:35,985 INFO L290 TraceCheckUtils]: 0: Hoare triple {63627#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {63627#true} is VALID [2022-02-20 23:45:35,985 INFO L290 TraceCheckUtils]: 1: Hoare triple {63627#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {63627#true} is VALID [2022-02-20 23:45:35,985 INFO L290 TraceCheckUtils]: 2: Hoare triple {63627#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {63627#true} is VALID [2022-02-20 23:45:35,985 INFO L290 TraceCheckUtils]: 3: Hoare triple {63627#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {63627#true} is VALID [2022-02-20 23:45:35,985 INFO L290 TraceCheckUtils]: 4: Hoare triple {63627#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {63627#true} is VALID [2022-02-20 23:45:35,985 INFO L290 TraceCheckUtils]: 5: Hoare triple {63627#true} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {63627#true} is VALID [2022-02-20 23:45:35,985 INFO L290 TraceCheckUtils]: 6: Hoare triple {63627#true} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {63627#true} is VALID [2022-02-20 23:45:35,986 INFO L290 TraceCheckUtils]: 7: Hoare triple {63627#true} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {63627#true} is VALID [2022-02-20 23:45:35,986 INFO L272 TraceCheckUtils]: 8: Hoare triple {63627#true} call main_#t~ret25#1 := rand_end_point(); {63627#true} is VALID [2022-02-20 23:45:35,986 INFO L290 TraceCheckUtils]: 9: Hoare triple {63627#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {63627#true} is VALID [2022-02-20 23:45:35,986 INFO L290 TraceCheckUtils]: 10: Hoare triple {63627#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {63635#(<= ~unnamed1~0~LIST_END |rand_end_point_#res|)} is VALID [2022-02-20 23:45:35,987 INFO L290 TraceCheckUtils]: 11: Hoare triple {63635#(<= ~unnamed1~0~LIST_END |rand_end_point_#res|)} assume true; {63635#(<= ~unnamed1~0~LIST_END |rand_end_point_#res|)} is VALID [2022-02-20 23:45:35,987 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {63635#(<= ~unnamed1~0~LIST_END |rand_end_point_#res|)} {63627#true} #261#return; {63633#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_main_#t~ret25#1|)} is VALID [2022-02-20 23:45:35,988 INFO L290 TraceCheckUtils]: 13: Hoare triple {63633#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_main_#t~ret25#1|)} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,988 INFO L290 TraceCheckUtils]: 14: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,988 INFO L290 TraceCheckUtils]: 15: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,989 INFO L290 TraceCheckUtils]: 16: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,989 INFO L290 TraceCheckUtils]: 17: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,989 INFO L290 TraceCheckUtils]: 18: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} assume !(is_empty_~no_beg~0#1 != is_empty_~no_end~0#1); {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,990 INFO L290 TraceCheckUtils]: 19: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is_empty_#res#1 := is_empty_~no_beg~0#1; {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,990 INFO L290 TraceCheckUtils]: 20: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} remove_one_#t~ret11#1 := is_empty_#res#1;assume { :end_inline_is_empty } true;assume -2147483648 <= remove_one_#t~ret11#1 && remove_one_#t~ret11#1 <= 2147483647; {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,990 INFO L290 TraceCheckUtils]: 21: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} assume !(0 != remove_one_#t~ret11#1);havoc remove_one_#t~ret11#1; {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,991 INFO L290 TraceCheckUtils]: 22: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} SUMMARY for call remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L702 {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,991 INFO L290 TraceCheckUtils]: 23: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} SUMMARY for call remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L702-1 {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,991 INFO L290 TraceCheckUtils]: 24: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} assume !(remove_one_#t~mem12#1.base == remove_one_#t~mem13#1.base && remove_one_#t~mem12#1.offset == remove_one_#t~mem13#1.offset);havoc remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset;havoc remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset; {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} is VALID [2022-02-20 23:45:35,992 INFO L290 TraceCheckUtils]: 25: Hoare triple {63634#(<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|)} assume ~unnamed1~0~LIST_BEG == remove_one_~from#1;remove_one_#t~ite16#1 := ~unnamed2~0~ITEM_NEXT; {63628#false} is VALID [2022-02-20 23:45:35,992 INFO L290 TraceCheckUtils]: 26: Hoare triple {63628#false} remove_one_~next_field~0#1 := remove_one_#t~ite16#1;havoc remove_one_#t~ite16#1; {63628#false} is VALID [2022-02-20 23:45:35,992 INFO L290 TraceCheckUtils]: 27: Hoare triple {63628#false} assume !(~unnamed1~0~LIST_END == remove_one_~from#1);remove_one_#t~ite17#1 := ~unnamed2~0~ITEM_PREV; {63628#false} is VALID [2022-02-20 23:45:35,992 INFO L290 TraceCheckUtils]: 28: Hoare triple {63628#false} remove_one_~term_field~1#1 := remove_one_#t~ite17#1;havoc remove_one_#t~ite17#1; {63628#false} is VALID [2022-02-20 23:45:35,992 INFO L290 TraceCheckUtils]: 29: Hoare triple {63628#false} assume !(4 + (remove_one_~list#1.offset + 4 * remove_one_~from#1) <= #length[remove_one_~list#1.base] && 0 <= remove_one_~list#1.offset + 4 * remove_one_~from#1); {63628#false} is VALID [2022-02-20 23:45:35,992 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:35,993 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:35,993 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1730407703] [2022-02-20 23:45:35,993 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1730407703] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:35,993 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:35,993 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-02-20 23:45:35,993 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2108755414] [2022-02-20 23:45:35,993 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:35,994 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 23:45:35,994 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:35,994 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:36,014 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:36,014 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-02-20 23:45:36,015 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:36,015 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-02-20 23:45:36,015 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-02-20 23:45:36,015 INFO L87 Difference]: Start difference. First operand 630 states and 881 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:36,430 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:36,430 INFO L93 Difference]: Finished difference Result 925 states and 1259 transitions. [2022-02-20 23:45:36,430 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:45:36,430 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 23:45:36,430 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:36,430 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:36,431 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 284 transitions. [2022-02-20 23:45:36,431 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:36,432 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 284 transitions. [2022-02-20 23:45:36,432 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 284 transitions. [2022-02-20 23:45:36,607 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 284 edges. 284 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:36,632 INFO L225 Difference]: With dead ends: 925 [2022-02-20 23:45:36,632 INFO L226 Difference]: Without dead ends: 925 [2022-02-20 23:45:36,632 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:45:36,633 INFO L933 BasicCegarLoop]: 273 mSDtfsCounter, 191 mSDsluCounter, 613 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 193 SdHoareTripleChecker+Valid, 886 SdHoareTripleChecker+Invalid, 30 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:36,633 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [193 Valid, 886 Invalid, 30 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-02-20 23:45:36,634 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 925 states. [2022-02-20 23:45:36,640 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 925 to 622. [2022-02-20 23:45:36,640 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:36,641 INFO L82 GeneralOperation]: Start isEquivalent. First operand 925 states. Second operand has 622 states, 551 states have (on average 1.4900181488203266) internal successors, (821), 586 states have internal predecessors, (821), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:36,642 INFO L74 IsIncluded]: Start isIncluded. First operand 925 states. Second operand has 622 states, 551 states have (on average 1.4900181488203266) internal successors, (821), 586 states have internal predecessors, (821), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:36,642 INFO L87 Difference]: Start difference. First operand 925 states. Second operand has 622 states, 551 states have (on average 1.4900181488203266) internal successors, (821), 586 states have internal predecessors, (821), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:36,670 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:36,670 INFO L93 Difference]: Finished difference Result 925 states and 1259 transitions. [2022-02-20 23:45:36,670 INFO L276 IsEmpty]: Start isEmpty. Operand 925 states and 1259 transitions. [2022-02-20 23:45:36,671 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:36,671 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:36,672 INFO L74 IsIncluded]: Start isIncluded. First operand has 622 states, 551 states have (on average 1.4900181488203266) internal successors, (821), 586 states have internal predecessors, (821), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) Second operand 925 states. [2022-02-20 23:45:36,672 INFO L87 Difference]: Start difference. First operand has 622 states, 551 states have (on average 1.4900181488203266) internal successors, (821), 586 states have internal predecessors, (821), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) Second operand 925 states. [2022-02-20 23:45:36,711 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:36,711 INFO L93 Difference]: Finished difference Result 925 states and 1259 transitions. [2022-02-20 23:45:36,711 INFO L276 IsEmpty]: Start isEmpty. Operand 925 states and 1259 transitions. [2022-02-20 23:45:36,712 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:36,712 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:36,712 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:36,713 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:36,713 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 622 states, 551 states have (on average 1.4900181488203266) internal successors, (821), 586 states have internal predecessors, (821), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:36,731 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 622 states to 622 states and 869 transitions. [2022-02-20 23:45:36,731 INFO L78 Accepts]: Start accepts. Automaton has 622 states and 869 transitions. Word has length 30 [2022-02-20 23:45:36,731 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:36,731 INFO L470 AbstractCegarLoop]: Abstraction has 622 states and 869 transitions. [2022-02-20 23:45:36,732 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 4 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:36,732 INFO L276 IsEmpty]: Start isEmpty. Operand 622 states and 869 transitions. [2022-02-20 23:45:36,732 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-02-20 23:45:36,732 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:36,732 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:36,733 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable33 [2022-02-20 23:45:36,733 INFO L402 AbstractCegarLoop]: === Iteration 35 === Targeting ULTIMATE.startErr39REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:36,733 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:36,733 INFO L85 PathProgramCache]: Analyzing trace with hash 473206328, now seen corresponding path program 1 times [2022-02-20 23:45:36,733 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:36,733 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2072321938] [2022-02-20 23:45:36,734 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:36,734 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:36,746 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:36,809 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:36,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:36,830 INFO L290 TraceCheckUtils]: 0: Hoare triple {67037#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {67037#true} is VALID [2022-02-20 23:45:36,831 INFO L290 TraceCheckUtils]: 1: Hoare triple {67037#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {67047#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:36,831 INFO L290 TraceCheckUtils]: 2: Hoare triple {67047#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} assume true; {67047#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:36,832 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {67047#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} {67037#true} #261#return; {67043#(and (<= ~unnamed1~0~LIST_END |ULTIMATE.start_main_#t~ret25#1|) (<= |ULTIMATE.start_main_#t~ret25#1| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:36,832 INFO L290 TraceCheckUtils]: 0: Hoare triple {67037#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {67037#true} is VALID [2022-02-20 23:45:36,832 INFO L290 TraceCheckUtils]: 1: Hoare triple {67037#true} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {67037#true} is VALID [2022-02-20 23:45:36,832 INFO L290 TraceCheckUtils]: 2: Hoare triple {67037#true} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {67037#true} is VALID [2022-02-20 23:45:36,832 INFO L290 TraceCheckUtils]: 3: Hoare triple {67037#true} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {67037#true} is VALID [2022-02-20 23:45:36,833 INFO L290 TraceCheckUtils]: 4: Hoare triple {67037#true} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {67037#true} is VALID [2022-02-20 23:45:36,833 INFO L290 TraceCheckUtils]: 5: Hoare triple {67037#true} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {67037#true} is VALID [2022-02-20 23:45:36,833 INFO L290 TraceCheckUtils]: 6: Hoare triple {67037#true} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {67037#true} is VALID [2022-02-20 23:45:36,833 INFO L290 TraceCheckUtils]: 7: Hoare triple {67037#true} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {67037#true} is VALID [2022-02-20 23:45:36,833 INFO L272 TraceCheckUtils]: 8: Hoare triple {67037#true} call main_#t~ret25#1 := rand_end_point(); {67037#true} is VALID [2022-02-20 23:45:36,833 INFO L290 TraceCheckUtils]: 9: Hoare triple {67037#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {67037#true} is VALID [2022-02-20 23:45:36,834 INFO L290 TraceCheckUtils]: 10: Hoare triple {67037#true} assume !(0 != #t~nondet20);havoc #t~nondet20;#res := ~unnamed1~0~LIST_END; {67047#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:36,834 INFO L290 TraceCheckUtils]: 11: Hoare triple {67047#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} assume true; {67047#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:36,835 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {67047#(and (<= ~unnamed1~0~LIST_END |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_END))} {67037#true} #261#return; {67043#(and (<= ~unnamed1~0~LIST_END |ULTIMATE.start_main_#t~ret25#1|) (<= |ULTIMATE.start_main_#t~ret25#1| ~unnamed1~0~LIST_END))} is VALID [2022-02-20 23:45:36,835 INFO L290 TraceCheckUtils]: 13: Hoare triple {67043#(and (<= ~unnamed1~0~LIST_END |ULTIMATE.start_main_#t~ret25#1|) (<= |ULTIMATE.start_main_#t~ret25#1| ~unnamed1~0~LIST_END))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:36,836 INFO L290 TraceCheckUtils]: 14: Hoare triple {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:36,836 INFO L290 TraceCheckUtils]: 15: Hoare triple {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:36,837 INFO L290 TraceCheckUtils]: 16: Hoare triple {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:36,837 INFO L290 TraceCheckUtils]: 17: Hoare triple {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:36,838 INFO L290 TraceCheckUtils]: 18: Hoare triple {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} assume !(is_empty_~no_beg~0#1 != is_empty_~no_end~0#1); {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:36,838 INFO L290 TraceCheckUtils]: 19: Hoare triple {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is_empty_#res#1 := is_empty_~no_beg~0#1; {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:36,838 INFO L290 TraceCheckUtils]: 20: Hoare triple {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} remove_one_#t~ret11#1 := is_empty_#res#1;assume { :end_inline_is_empty } true;assume -2147483648 <= remove_one_#t~ret11#1 && remove_one_#t~ret11#1 <= 2147483647; {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:36,839 INFO L290 TraceCheckUtils]: 21: Hoare triple {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} assume !(0 != remove_one_#t~ret11#1);havoc remove_one_#t~ret11#1; {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} is VALID [2022-02-20 23:45:36,840 INFO L290 TraceCheckUtils]: 22: Hoare triple {67044#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= ~unnamed1~0~LIST_END |ULTIMATE.start_remove_one_~from#1|))} SUMMARY for call remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L702 {67045#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:36,840 INFO L290 TraceCheckUtils]: 23: Hoare triple {67045#(and (<= |ULTIMATE.start_remove_one_~from#1| ~unnamed1~0~LIST_END) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} SUMMARY for call remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L702-1 {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:36,841 INFO L290 TraceCheckUtils]: 24: Hoare triple {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} assume !(remove_one_#t~mem12#1.base == remove_one_#t~mem13#1.base && remove_one_#t~mem12#1.offset == remove_one_#t~mem13#1.offset);havoc remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset;havoc remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset; {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:36,841 INFO L290 TraceCheckUtils]: 25: Hoare triple {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} assume !(~unnamed1~0~LIST_BEG == remove_one_~from#1);remove_one_#t~ite16#1 := ~unnamed2~0~ITEM_PREV; {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:36,842 INFO L290 TraceCheckUtils]: 26: Hoare triple {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} remove_one_~next_field~0#1 := remove_one_#t~ite16#1;havoc remove_one_#t~ite16#1; {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:36,842 INFO L290 TraceCheckUtils]: 27: Hoare triple {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} assume ~unnamed1~0~LIST_END == remove_one_~from#1;remove_one_#t~ite17#1 := ~unnamed2~0~ITEM_NEXT; {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:36,843 INFO L290 TraceCheckUtils]: 28: Hoare triple {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} remove_one_~term_field~1#1 := remove_one_#t~ite17#1;havoc remove_one_#t~ite17#1; {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:36,843 INFO L290 TraceCheckUtils]: 29: Hoare triple {67046#(and (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) 4) (select |#length| |ULTIMATE.start_remove_one_~list#1.base|)) (<= (* ~unnamed1~0~LIST_END 4) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* |ULTIMATE.start_remove_one_~from#1| 4) (* ~unnamed1~0~LIST_BEG 4))))} assume !(4 + (remove_one_~list#1.offset + 4 * remove_one_~from#1) <= #length[remove_one_~list#1.base] && 0 <= remove_one_~list#1.offset + 4 * remove_one_~from#1); {67038#false} is VALID [2022-02-20 23:45:36,843 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:36,844 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:36,844 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2072321938] [2022-02-20 23:45:36,844 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2072321938] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:36,844 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:36,844 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:45:36,844 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1193162423] [2022-02-20 23:45:36,844 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:36,845 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 23:45:36,845 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:36,845 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:36,866 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 30 edges. 30 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:36,866 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:45:36,866 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:36,867 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:45:36,867 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:45:36,867 INFO L87 Difference]: Start difference. First operand 622 states and 869 transitions. Second operand has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:38,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:38,054 INFO L93 Difference]: Finished difference Result 1101 states and 1484 transitions. [2022-02-20 23:45:38,054 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-02-20 23:45:38,054 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-02-20 23:45:38,055 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:38,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:38,057 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 395 transitions. [2022-02-20 23:45:38,058 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:38,060 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 10 states to 10 states and 395 transitions. [2022-02-20 23:45:38,060 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 10 states and 395 transitions. [2022-02-20 23:45:38,389 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 395 edges. 395 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:38,425 INFO L225 Difference]: With dead ends: 1101 [2022-02-20 23:45:38,425 INFO L226 Difference]: Without dead ends: 1101 [2022-02-20 23:45:38,425 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=42, Invalid=90, Unknown=0, NotChecked=0, Total=132 [2022-02-20 23:45:38,425 INFO L933 BasicCegarLoop]: 326 mSDtfsCounter, 393 mSDsluCounter, 1155 mSDsCounter, 0 mSdLazyCounter, 199 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 395 SdHoareTripleChecker+Valid, 1481 SdHoareTripleChecker+Invalid, 213 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 199 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:38,426 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [395 Valid, 1481 Invalid, 213 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 199 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-02-20 23:45:38,427 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1101 states. [2022-02-20 23:45:38,433 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1101 to 589. [2022-02-20 23:45:38,433 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:38,434 INFO L82 GeneralOperation]: Start isEquivalent. First operand 1101 states. Second operand has 589 states, 521 states have (on average 1.4510556621881) internal successors, (756), 553 states have internal predecessors, (756), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:38,434 INFO L74 IsIncluded]: Start isIncluded. First operand 1101 states. Second operand has 589 states, 521 states have (on average 1.4510556621881) internal successors, (756), 553 states have internal predecessors, (756), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:38,435 INFO L87 Difference]: Start difference. First operand 1101 states. Second operand has 589 states, 521 states have (on average 1.4510556621881) internal successors, (756), 553 states have internal predecessors, (756), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:38,478 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:38,478 INFO L93 Difference]: Finished difference Result 1101 states and 1484 transitions. [2022-02-20 23:45:38,478 INFO L276 IsEmpty]: Start isEmpty. Operand 1101 states and 1484 transitions. [2022-02-20 23:45:38,484 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:38,484 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:38,484 INFO L74 IsIncluded]: Start isIncluded. First operand has 589 states, 521 states have (on average 1.4510556621881) internal successors, (756), 553 states have internal predecessors, (756), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) Second operand 1101 states. [2022-02-20 23:45:38,485 INFO L87 Difference]: Start difference. First operand has 589 states, 521 states have (on average 1.4510556621881) internal successors, (756), 553 states have internal predecessors, (756), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) Second operand 1101 states. [2022-02-20 23:45:38,527 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:38,527 INFO L93 Difference]: Finished difference Result 1101 states and 1484 transitions. [2022-02-20 23:45:38,527 INFO L276 IsEmpty]: Start isEmpty. Operand 1101 states and 1484 transitions. [2022-02-20 23:45:38,528 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:38,528 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:38,528 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:38,529 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:38,529 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 589 states, 521 states have (on average 1.4510556621881) internal successors, (756), 553 states have internal predecessors, (756), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:38,546 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 589 states to 589 states and 804 transitions. [2022-02-20 23:45:38,546 INFO L78 Accepts]: Start accepts. Automaton has 589 states and 804 transitions. Word has length 30 [2022-02-20 23:45:38,546 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:38,546 INFO L470 AbstractCegarLoop]: Abstraction has 589 states and 804 transitions. [2022-02-20 23:45:38,546 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:38,546 INFO L276 IsEmpty]: Start isEmpty. Operand 589 states and 804 transitions. [2022-02-20 23:45:38,547 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-02-20 23:45:38,547 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:38,547 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:38,547 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable34 [2022-02-20 23:45:38,547 INFO L402 AbstractCegarLoop]: === Iteration 36 === Targeting ULTIMATE.startErr37ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:38,548 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:38,548 INFO L85 PathProgramCache]: Analyzing trace with hash 1838517875, now seen corresponding path program 1 times [2022-02-20 23:45:38,548 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:38,548 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1890205321] [2022-02-20 23:45:38,548 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:38,549 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:38,563 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:38,689 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:38,691 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:38,693 INFO L290 TraceCheckUtils]: 0: Hoare triple {70954#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {70954#true} is VALID [2022-02-20 23:45:38,694 INFO L290 TraceCheckUtils]: 1: Hoare triple {70954#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {70954#true} is VALID [2022-02-20 23:45:38,694 INFO L290 TraceCheckUtils]: 2: Hoare triple {70954#true} assume true; {70954#true} is VALID [2022-02-20 23:45:38,694 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {70954#true} {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} #261#return; {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:38,702 INFO L290 TraceCheckUtils]: 0: Hoare triple {70954#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:38,702 INFO L290 TraceCheckUtils]: 1: Hoare triple {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:38,703 INFO L290 TraceCheckUtils]: 2: Hoare triple {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:38,703 INFO L290 TraceCheckUtils]: 3: Hoare triple {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:38,704 INFO L290 TraceCheckUtils]: 4: Hoare triple {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:38,704 INFO L290 TraceCheckUtils]: 5: Hoare triple {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:38,705 INFO L290 TraceCheckUtils]: 6: Hoare triple {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:38,705 INFO L290 TraceCheckUtils]: 7: Hoare triple {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:38,705 INFO L272 TraceCheckUtils]: 8: Hoare triple {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} call main_#t~ret25#1 := rand_end_point(); {70954#true} is VALID [2022-02-20 23:45:38,705 INFO L290 TraceCheckUtils]: 9: Hoare triple {70954#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {70954#true} is VALID [2022-02-20 23:45:38,705 INFO L290 TraceCheckUtils]: 10: Hoare triple {70954#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {70954#true} is VALID [2022-02-20 23:45:38,706 INFO L290 TraceCheckUtils]: 11: Hoare triple {70954#true} assume true; {70954#true} is VALID [2022-02-20 23:45:38,706 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {70954#true} {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} #261#return; {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} is VALID [2022-02-20 23:45:38,707 INFO L290 TraceCheckUtils]: 13: Hoare triple {70956#(and (= 3 |~#list~0.base|) (= (select |#length| 3) 8))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {70961#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (= |ULTIMATE.start_remove_one_~list#1.offset| |ULTIMATE.start_is_empty_~list#1.offset|))} is VALID [2022-02-20 23:45:38,707 INFO L290 TraceCheckUtils]: 14: Hoare triple {70961#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (= |ULTIMATE.start_remove_one_~list#1.offset| |ULTIMATE.start_is_empty_~list#1.offset|))} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {70962#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (= |ULTIMATE.start_remove_one_~list#1.offset| |ULTIMATE.start_is_empty_~list#1.offset|))} is VALID [2022-02-20 23:45:38,708 INFO L290 TraceCheckUtils]: 15: Hoare triple {70962#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (= |ULTIMATE.start_remove_one_~list#1.offset| |ULTIMATE.start_is_empty_~list#1.offset|))} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {70962#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (= |ULTIMATE.start_remove_one_~list#1.offset| |ULTIMATE.start_is_empty_~list#1.offset|))} is VALID [2022-02-20 23:45:38,709 INFO L290 TraceCheckUtils]: 16: Hoare triple {70962#(and (= (+ (select |#length| |ULTIMATE.start_is_empty_~list#1.base|) (- 8)) 0) (<= 0 (+ |ULTIMATE.start_is_empty_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (= |ULTIMATE.start_remove_one_~list#1.offset| |ULTIMATE.start_is_empty_~list#1.offset|))} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,709 INFO L290 TraceCheckUtils]: 17: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,710 INFO L290 TraceCheckUtils]: 18: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !(is_empty_~no_beg~0#1 != is_empty_~no_end~0#1); {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,710 INFO L290 TraceCheckUtils]: 19: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is_empty_#res#1 := is_empty_~no_beg~0#1; {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,711 INFO L290 TraceCheckUtils]: 20: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} remove_one_#t~ret11#1 := is_empty_#res#1;assume { :end_inline_is_empty } true;assume -2147483648 <= remove_one_#t~ret11#1 && remove_one_#t~ret11#1 <= 2147483647; {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,711 INFO L290 TraceCheckUtils]: 21: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !(0 != remove_one_#t~ret11#1);havoc remove_one_#t~ret11#1; {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,712 INFO L290 TraceCheckUtils]: 22: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} SUMMARY for call remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L702 {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,712 INFO L290 TraceCheckUtils]: 23: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} SUMMARY for call remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L702-1 {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,713 INFO L290 TraceCheckUtils]: 24: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume remove_one_#t~mem12#1.base == remove_one_#t~mem13#1.base && remove_one_#t~mem12#1.offset == remove_one_#t~mem13#1.offset;havoc remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset;havoc remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset; {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,713 INFO L290 TraceCheckUtils]: 25: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} SUMMARY for call remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L703 {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,714 INFO L290 TraceCheckUtils]: 26: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume 0 == remove_one_#t~mem14#1.offset; {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,714 INFO L290 TraceCheckUtils]: 27: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume remove_one_#t~mem14#1.base < #StackHeapBarrier; {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:38,715 INFO L290 TraceCheckUtils]: 28: Hoare triple {70963#(and (= 3 |ULTIMATE.start_remove_one_~list#1.base|) (= (select |#length| 3) 8) (<= (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (<= 0 (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume 0 == remove_one_#t~mem14#1.base || 1 == #valid[remove_one_#t~mem14#1.base];call ULTIMATE.dealloc(remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset);havoc remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset;assume { :begin_inline_#Ultimate.C_memset } true;#Ultimate.C_memset_#ptr#1.base, #Ultimate.C_memset_#ptr#1.offset, #Ultimate.C_memset_#value#1, #Ultimate.C_memset_#amount#1 := remove_one_~list#1.base, remove_one_~list#1.offset, 0, 8; {70964#(and (<= 0 (+ |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (<= (+ |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= |ULTIMATE.start_#Ultimate.C_memset_#amount#1| 8) (= (select |#length| |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.base|) 8))} is VALID [2022-02-20 23:45:38,716 INFO L290 TraceCheckUtils]: 29: Hoare triple {70964#(and (<= 0 (+ |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (<= (+ |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= |ULTIMATE.start_#Ultimate.C_memset_#amount#1| 8) (= (select |#length| |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.base|) 8))} assume 1 == #valid[#Ultimate.C_memset_#ptr#1.base]; {70964#(and (<= 0 (+ |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (<= (+ |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= |ULTIMATE.start_#Ultimate.C_memset_#amount#1| 8) (= (select |#length| |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.base|) 8))} is VALID [2022-02-20 23:45:38,716 INFO L290 TraceCheckUtils]: 30: Hoare triple {70964#(and (<= 0 (+ |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (<= (+ |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.offset| (* ~unnamed1~0~LIST_END 4)) 4) (= |ULTIMATE.start_#Ultimate.C_memset_#amount#1| 8) (= (select |#length| |ULTIMATE.start_#Ultimate.C_memset_#ptr#1.base|) 8))} assume !(#Ultimate.C_memset_#amount#1 + #Ultimate.C_memset_#ptr#1.offset <= #length[#Ultimate.C_memset_#ptr#1.base] && 0 <= #Ultimate.C_memset_#ptr#1.offset); {70955#false} is VALID [2022-02-20 23:45:38,716 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:38,717 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:38,717 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1890205321] [2022-02-20 23:45:38,717 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1890205321] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:38,717 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:38,717 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:45:38,718 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [327344799] [2022-02-20 23:45:38,718 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:38,719 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.833333333333333) internal successors, (29), 7 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2022-02-20 23:45:38,720 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:38,720 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 4.833333333333333) internal successors, (29), 7 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:38,744 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 31 edges. 31 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:38,744 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:45:38,744 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:38,745 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:45:38,745 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=30, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:45:38,745 INFO L87 Difference]: Start difference. First operand 589 states and 804 transitions. Second operand has 7 states, 6 states have (on average 4.833333333333333) internal successors, (29), 7 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:39,832 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:39,832 INFO L93 Difference]: Finished difference Result 771 states and 993 transitions. [2022-02-20 23:45:39,832 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-02-20 23:45:39,832 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.833333333333333) internal successors, (29), 7 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2022-02-20 23:45:39,832 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:39,832 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 4.833333333333333) internal successors, (29), 7 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:39,834 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 356 transitions. [2022-02-20 23:45:39,834 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7 states, 6 states have (on average 4.833333333333333) internal successors, (29), 7 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:39,835 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9 states to 9 states and 356 transitions. [2022-02-20 23:45:39,835 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 9 states and 356 transitions. [2022-02-20 23:45:40,120 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 356 edges. 356 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:40,139 INFO L225 Difference]: With dead ends: 771 [2022-02-20 23:45:40,139 INFO L226 Difference]: Without dead ends: 771 [2022-02-20 23:45:40,140 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=57, Invalid=99, Unknown=0, NotChecked=0, Total=156 [2022-02-20 23:45:40,140 INFO L933 BasicCegarLoop]: 173 mSDtfsCounter, 471 mSDsluCounter, 481 mSDsCounter, 0 mSdLazyCounter, 355 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 471 SdHoareTripleChecker+Valid, 654 SdHoareTripleChecker+Invalid, 366 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 355 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:40,140 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [471 Valid, 654 Invalid, 366 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 355 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-02-20 23:45:40,141 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 771 states. [2022-02-20 23:45:40,148 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 771 to 589. [2022-02-20 23:45:40,148 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:40,148 INFO L82 GeneralOperation]: Start isEquivalent. First operand 771 states. Second operand has 589 states, 521 states have (on average 1.4433781190019195) internal successors, (752), 553 states have internal predecessors, (752), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:40,149 INFO L74 IsIncluded]: Start isIncluded. First operand 771 states. Second operand has 589 states, 521 states have (on average 1.4433781190019195) internal successors, (752), 553 states have internal predecessors, (752), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:40,149 INFO L87 Difference]: Start difference. First operand 771 states. Second operand has 589 states, 521 states have (on average 1.4433781190019195) internal successors, (752), 553 states have internal predecessors, (752), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:40,177 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:40,177 INFO L93 Difference]: Finished difference Result 771 states and 993 transitions. [2022-02-20 23:45:40,177 INFO L276 IsEmpty]: Start isEmpty. Operand 771 states and 993 transitions. [2022-02-20 23:45:40,178 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:40,178 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:40,179 INFO L74 IsIncluded]: Start isIncluded. First operand has 589 states, 521 states have (on average 1.4433781190019195) internal successors, (752), 553 states have internal predecessors, (752), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) Second operand 771 states. [2022-02-20 23:45:40,179 INFO L87 Difference]: Start difference. First operand has 589 states, 521 states have (on average 1.4433781190019195) internal successors, (752), 553 states have internal predecessors, (752), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) Second operand 771 states. [2022-02-20 23:45:40,200 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:40,200 INFO L93 Difference]: Finished difference Result 771 states and 993 transitions. [2022-02-20 23:45:40,200 INFO L276 IsEmpty]: Start isEmpty. Operand 771 states and 993 transitions. [2022-02-20 23:45:40,201 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:40,201 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:40,201 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:40,201 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:40,201 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 589 states, 521 states have (on average 1.4433781190019195) internal successors, (752), 553 states have internal predecessors, (752), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 28 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:40,216 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 589 states to 589 states and 800 transitions. [2022-02-20 23:45:40,216 INFO L78 Accepts]: Start accepts. Automaton has 589 states and 800 transitions. Word has length 31 [2022-02-20 23:45:40,217 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:40,217 INFO L470 AbstractCegarLoop]: Abstraction has 589 states and 800 transitions. [2022-02-20 23:45:40,217 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 4.833333333333333) internal successors, (29), 7 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:40,217 INFO L276 IsEmpty]: Start isEmpty. Operand 589 states and 800 transitions. [2022-02-20 23:45:40,217 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-02-20 23:45:40,217 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:40,217 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:40,217 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable35 [2022-02-20 23:45:40,217 INFO L402 AbstractCegarLoop]: === Iteration 37 === Targeting ULTIMATE.startErr40REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:40,217 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:40,218 INFO L85 PathProgramCache]: Analyzing trace with hash -250351879, now seen corresponding path program 1 times [2022-02-20 23:45:40,218 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:40,218 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1510603278] [2022-02-20 23:45:40,218 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:40,218 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:40,236 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:40,406 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-02-20 23:45:40,408 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:40,412 INFO L290 TraceCheckUtils]: 0: Hoare triple {73881#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {73881#true} is VALID [2022-02-20 23:45:40,412 INFO L290 TraceCheckUtils]: 1: Hoare triple {73881#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {73881#true} is VALID [2022-02-20 23:45:40,412 INFO L290 TraceCheckUtils]: 2: Hoare triple {73881#true} assume true; {73881#true} is VALID [2022-02-20 23:45:40,413 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {73881#true} {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} #261#return; {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:40,414 INFO L290 TraceCheckUtils]: 0: Hoare triple {73881#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:40,414 INFO L290 TraceCheckUtils]: 1: Hoare triple {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:40,415 INFO L290 TraceCheckUtils]: 2: Hoare triple {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:40,415 INFO L290 TraceCheckUtils]: 3: Hoare triple {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:40,416 INFO L290 TraceCheckUtils]: 4: Hoare triple {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:40,416 INFO L290 TraceCheckUtils]: 5: Hoare triple {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:40,417 INFO L290 TraceCheckUtils]: 6: Hoare triple {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:40,417 INFO L290 TraceCheckUtils]: 7: Hoare triple {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume !!(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:40,417 INFO L272 TraceCheckUtils]: 8: Hoare triple {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} call main_#t~ret25#1 := rand_end_point(); {73881#true} is VALID [2022-02-20 23:45:40,417 INFO L290 TraceCheckUtils]: 9: Hoare triple {73881#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {73881#true} is VALID [2022-02-20 23:45:40,418 INFO L290 TraceCheckUtils]: 10: Hoare triple {73881#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {73881#true} is VALID [2022-02-20 23:45:40,418 INFO L290 TraceCheckUtils]: 11: Hoare triple {73881#true} assume true; {73881#true} is VALID [2022-02-20 23:45:40,418 INFO L284 TraceCheckUtils]: 12: Hoare quadruple {73881#true} {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} #261#return; {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} is VALID [2022-02-20 23:45:40,419 INFO L290 TraceCheckUtils]: 13: Hoare triple {73883#(and (= |~#list~0.offset| 0) (= (select (select |#memory_$Pointer$.base| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.base| |~#list~0.base|) (+ |~#list~0.offset| 4))) (= (select (select |#memory_$Pointer$.offset| |~#list~0.base|) |~#list~0.offset|) (select (select |#memory_$Pointer$.offset| |~#list~0.base|) (+ |~#list~0.offset| 4))))} assume -2147483648 <= main_#t~ret25#1 && main_#t~ret25#1 <= 2147483647;assume { :begin_inline_remove_one } true;remove_one_#in~list#1.base, remove_one_#in~list#1.offset, remove_one_#in~from#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret25#1;havoc remove_one_#t~ret11#1, remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset, remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset, remove_one_#t~mem14#1.base, remove_one_#t~mem14#1.offset, remove_one_#t~memset~res15#1.base, remove_one_#t~memset~res15#1.offset, remove_one_#t~ite16#1, remove_one_#t~ite17#1, remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset, remove_one_#t~mem19#1.base, remove_one_#t~mem19#1.offset, remove_one_~list#1.base, remove_one_~list#1.offset, remove_one_~from#1, remove_one_~next_field~0#1, remove_one_~term_field~1#1, remove_one_~item~2#1.base, remove_one_~item~2#1.offset, remove_one_~next~0#1.base, remove_one_~next~0#1.offset;remove_one_~list#1.base, remove_one_~list#1.offset := remove_one_#in~list#1.base, remove_one_#in~list#1.offset;remove_one_~from#1 := remove_one_#in~from#1;assume { :begin_inline_is_empty } true;is_empty_#in~list#1.base, is_empty_#in~list#1.offset := remove_one_~list#1.base, remove_one_~list#1.offset;havoc is_empty_#res#1;havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset, is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset, is_empty_~list#1.base, is_empty_~list#1.offset, is_empty_~no_beg~0#1, is_empty_~no_end~0#1;is_empty_~list#1.base, is_empty_~list#1.offset := is_empty_#in~list#1.base, is_empty_#in~list#1.offset; {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is VALID [2022-02-20 23:45:40,420 INFO L290 TraceCheckUtils]: 14: Hoare triple {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} SUMMARY for call is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L659 {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is VALID [2022-02-20 23:45:40,421 INFO L290 TraceCheckUtils]: 15: Hoare triple {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is_empty_~no_beg~0#1 := (if is_empty_#t~mem3#1.base == 0 && is_empty_#t~mem3#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem3#1.base, is_empty_#t~mem3#1.offset; {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is VALID [2022-02-20 23:45:40,421 INFO L290 TraceCheckUtils]: 16: Hoare triple {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} SUMMARY for call is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset := read~$Pointer$(is_empty_~list#1.base, is_empty_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L660 {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is VALID [2022-02-20 23:45:40,422 INFO L290 TraceCheckUtils]: 17: Hoare triple {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is_empty_~no_end~0#1 := (if is_empty_#t~mem4#1.base == 0 && is_empty_#t~mem4#1.offset == 0 then 1 else 0);havoc is_empty_#t~mem4#1.base, is_empty_#t~mem4#1.offset; {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is VALID [2022-02-20 23:45:40,422 INFO L290 TraceCheckUtils]: 18: Hoare triple {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} assume !(is_empty_~no_beg~0#1 != is_empty_~no_end~0#1); {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is VALID [2022-02-20 23:45:40,423 INFO L290 TraceCheckUtils]: 19: Hoare triple {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is_empty_#res#1 := is_empty_~no_beg~0#1; {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is VALID [2022-02-20 23:45:40,423 INFO L290 TraceCheckUtils]: 20: Hoare triple {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} remove_one_#t~ret11#1 := is_empty_#res#1;assume { :end_inline_is_empty } true;assume -2147483648 <= remove_one_#t~ret11#1 && remove_one_#t~ret11#1 <= 2147483647; {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is VALID [2022-02-20 23:45:40,424 INFO L290 TraceCheckUtils]: 21: Hoare triple {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} assume !(0 != remove_one_#t~ret11#1);havoc remove_one_#t~ret11#1; {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} is VALID [2022-02-20 23:45:40,425 INFO L290 TraceCheckUtils]: 22: Hoare triple {73888#(and (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0))} SUMMARY for call remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L702 {73889#(and (= |ULTIMATE.start_remove_one_#t~mem12#1.offset| (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= |ULTIMATE.start_remove_one_#t~mem12#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))))} is VALID [2022-02-20 23:45:40,425 INFO L290 TraceCheckUtils]: 23: Hoare triple {73889#(and (= |ULTIMATE.start_remove_one_#t~mem12#1.offset| (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= |ULTIMATE.start_remove_one_#t~mem12#1.base| (select (select |#memory_$Pointer$.base| |ULTIMATE.start_remove_one_~list#1.base|) (+ |ULTIMATE.start_remove_one_~list#1.offset| (* ~unnamed1~0~LIST_END 4)))))} SUMMARY for call remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L702-1 {73890#(and (= |ULTIMATE.start_remove_one_#t~mem13#1.offset| |ULTIMATE.start_remove_one_#t~mem12#1.offset|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= |ULTIMATE.start_remove_one_#t~mem12#1.base| |ULTIMATE.start_remove_one_#t~mem13#1.base|))} is VALID [2022-02-20 23:45:40,426 INFO L290 TraceCheckUtils]: 24: Hoare triple {73890#(and (= |ULTIMATE.start_remove_one_#t~mem13#1.offset| |ULTIMATE.start_remove_one_#t~mem12#1.offset|) (= |ULTIMATE.start_remove_one_~list#1.offset| 0) (= |ULTIMATE.start_remove_one_#t~mem12#1.base| |ULTIMATE.start_remove_one_#t~mem13#1.base|))} assume !(remove_one_#t~mem12#1.base == remove_one_#t~mem13#1.base && remove_one_#t~mem12#1.offset == remove_one_#t~mem13#1.offset);havoc remove_one_#t~mem12#1.base, remove_one_#t~mem12#1.offset;havoc remove_one_#t~mem13#1.base, remove_one_#t~mem13#1.offset; {73882#false} is VALID [2022-02-20 23:45:40,426 INFO L290 TraceCheckUtils]: 25: Hoare triple {73882#false} assume ~unnamed1~0~LIST_BEG == remove_one_~from#1;remove_one_#t~ite16#1 := ~unnamed2~0~ITEM_NEXT; {73882#false} is VALID [2022-02-20 23:45:40,426 INFO L290 TraceCheckUtils]: 26: Hoare triple {73882#false} remove_one_~next_field~0#1 := remove_one_#t~ite16#1;havoc remove_one_#t~ite16#1; {73882#false} is VALID [2022-02-20 23:45:40,426 INFO L290 TraceCheckUtils]: 27: Hoare triple {73882#false} assume !(~unnamed1~0~LIST_END == remove_one_~from#1);remove_one_#t~ite17#1 := ~unnamed2~0~ITEM_PREV; {73882#false} is VALID [2022-02-20 23:45:40,426 INFO L290 TraceCheckUtils]: 28: Hoare triple {73882#false} remove_one_~term_field~1#1 := remove_one_#t~ite17#1;havoc remove_one_#t~ite17#1; {73882#false} is VALID [2022-02-20 23:45:40,426 INFO L290 TraceCheckUtils]: 29: Hoare triple {73882#false} SUMMARY for call remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset := read~$Pointer$(remove_one_~list#1.base, remove_one_~list#1.offset + 4 * remove_one_~from#1, 4); srcloc: L709 {73882#false} is VALID [2022-02-20 23:45:40,426 INFO L290 TraceCheckUtils]: 30: Hoare triple {73882#false} remove_one_~item~2#1.base, remove_one_~item~2#1.offset := remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset;havoc remove_one_#t~mem18#1.base, remove_one_#t~mem18#1.offset; {73882#false} is VALID [2022-02-20 23:45:40,427 INFO L290 TraceCheckUtils]: 31: Hoare triple {73882#false} assume !(1 == #valid[remove_one_~item~2#1.base]); {73882#false} is VALID [2022-02-20 23:45:40,427 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:40,427 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:40,427 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1510603278] [2022-02-20 23:45:40,427 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1510603278] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:40,428 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:40,428 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:45:40,428 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [839690958] [2022-02-20 23:45:40,428 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:40,428 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2022-02-20 23:45:40,429 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:40,429 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:40,455 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 32 edges. 32 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:40,455 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-02-20 23:45:40,455 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:40,455 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-02-20 23:45:40,455 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-02-20 23:45:40,456 INFO L87 Difference]: Start difference. First operand 589 states and 800 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:41,111 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:41,111 INFO L93 Difference]: Finished difference Result 620 states and 832 transitions. [2022-02-20 23:45:41,111 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-02-20 23:45:41,111 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2022-02-20 23:45:41,111 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:41,111 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:41,112 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 226 transitions. [2022-02-20 23:45:41,112 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:41,113 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6 states to 6 states and 226 transitions. [2022-02-20 23:45:41,113 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 6 states and 226 transitions. [2022-02-20 23:45:41,278 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 226 edges. 226 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:41,289 INFO L225 Difference]: With dead ends: 620 [2022-02-20 23:45:41,289 INFO L226 Difference]: Without dead ends: 620 [2022-02-20 23:45:41,289 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-02-20 23:45:41,290 INFO L933 BasicCegarLoop]: 156 mSDtfsCounter, 94 mSDsluCounter, 497 mSDsCounter, 0 mSdLazyCounter, 158 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 94 SdHoareTripleChecker+Valid, 653 SdHoareTripleChecker+Invalid, 162 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 158 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:41,290 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [94 Valid, 653 Invalid, 162 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 158 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-02-20 23:45:41,290 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 620 states. [2022-02-20 23:45:41,295 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 620 to 568. [2022-02-20 23:45:41,295 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:41,295 INFO L82 GeneralOperation]: Start isEquivalent. First operand 620 states. Second operand has 568 states, 500 states have (on average 1.45) internal successors, (725), 534 states have internal predecessors, (725), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 26 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:41,296 INFO L74 IsIncluded]: Start isIncluded. First operand 620 states. Second operand has 568 states, 500 states have (on average 1.45) internal successors, (725), 534 states have internal predecessors, (725), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 26 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:41,296 INFO L87 Difference]: Start difference. First operand 620 states. Second operand has 568 states, 500 states have (on average 1.45) internal successors, (725), 534 states have internal predecessors, (725), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 26 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:41,309 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:41,309 INFO L93 Difference]: Finished difference Result 620 states and 832 transitions. [2022-02-20 23:45:41,309 INFO L276 IsEmpty]: Start isEmpty. Operand 620 states and 832 transitions. [2022-02-20 23:45:41,309 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:41,309 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:41,310 INFO L74 IsIncluded]: Start isIncluded. First operand has 568 states, 500 states have (on average 1.45) internal successors, (725), 534 states have internal predecessors, (725), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 26 states have call predecessors, (32), 16 states have call successors, (32) Second operand 620 states. [2022-02-20 23:45:41,310 INFO L87 Difference]: Start difference. First operand has 568 states, 500 states have (on average 1.45) internal successors, (725), 534 states have internal predecessors, (725), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 26 states have call predecessors, (32), 16 states have call successors, (32) Second operand 620 states. [2022-02-20 23:45:41,322 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:41,322 INFO L93 Difference]: Finished difference Result 620 states and 832 transitions. [2022-02-20 23:45:41,322 INFO L276 IsEmpty]: Start isEmpty. Operand 620 states and 832 transitions. [2022-02-20 23:45:41,323 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:41,323 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:41,323 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:41,323 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:41,323 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 568 states, 500 states have (on average 1.45) internal successors, (725), 534 states have internal predecessors, (725), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 26 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:41,335 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 568 states to 568 states and 773 transitions. [2022-02-20 23:45:41,335 INFO L78 Accepts]: Start accepts. Automaton has 568 states and 773 transitions. Word has length 32 [2022-02-20 23:45:41,335 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:41,335 INFO L470 AbstractCegarLoop]: Abstraction has 568 states and 773 transitions. [2022-02-20 23:45:41,336 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:41,336 INFO L276 IsEmpty]: Start isEmpty. Operand 568 states and 773 transitions. [2022-02-20 23:45:41,336 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-02-20 23:45:41,336 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:41,336 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:41,336 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable36 [2022-02-20 23:45:41,336 INFO L402 AbstractCegarLoop]: === Iteration 38 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:41,337 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:41,337 INFO L85 PathProgramCache]: Analyzing trace with hash -1439584979, now seen corresponding path program 1 times [2022-02-20 23:45:41,337 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:41,337 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [140888812] [2022-02-20 23:45:41,337 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:41,337 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:41,358 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:41,579 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:41,581 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:41,599 INFO L290 TraceCheckUtils]: 0: Hoare triple {76327#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {76327#true} is VALID [2022-02-20 23:45:41,599 INFO L290 TraceCheckUtils]: 1: Hoare triple {76327#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:41,600 INFO L290 TraceCheckUtils]: 2: Hoare triple {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} assume true; {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:41,600 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} {76329#(<= 0 |~#list~0.offset|)} #259#return; {76334#(and (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:41,601 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2022-02-20 23:45:41,603 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:41,610 INFO L290 TraceCheckUtils]: 0: Hoare triple {76327#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {76327#true} is VALID [2022-02-20 23:45:41,611 INFO L290 TraceCheckUtils]: 1: Hoare triple {76327#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:41,611 INFO L290 TraceCheckUtils]: 2: Hoare triple {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} assume true; {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:41,612 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} #259#return; {76345#(and (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (<= (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:41,613 INFO L290 TraceCheckUtils]: 0: Hoare triple {76327#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {76329#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:41,613 INFO L290 TraceCheckUtils]: 1: Hoare triple {76329#(<= 0 |~#list~0.offset|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {76329#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:41,613 INFO L290 TraceCheckUtils]: 2: Hoare triple {76329#(<= 0 |~#list~0.offset|)} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {76329#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:41,614 INFO L290 TraceCheckUtils]: 3: Hoare triple {76329#(<= 0 |~#list~0.offset|)} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {76329#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:41,614 INFO L290 TraceCheckUtils]: 4: Hoare triple {76329#(<= 0 |~#list~0.offset|)} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {76329#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:41,614 INFO L290 TraceCheckUtils]: 5: Hoare triple {76329#(<= 0 |~#list~0.offset|)} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {76329#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:41,614 INFO L272 TraceCheckUtils]: 6: Hoare triple {76329#(<= 0 |~#list~0.offset|)} call main_#t~ret23#1 := rand_end_point(); {76327#true} is VALID [2022-02-20 23:45:41,615 INFO L290 TraceCheckUtils]: 7: Hoare triple {76327#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {76327#true} is VALID [2022-02-20 23:45:41,615 INFO L290 TraceCheckUtils]: 8: Hoare triple {76327#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:41,615 INFO L290 TraceCheckUtils]: 9: Hoare triple {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} assume true; {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:41,616 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} {76329#(<= 0 |~#list~0.offset|)} #259#return; {76334#(and (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:41,617 INFO L290 TraceCheckUtils]: 11: Hoare triple {76334#(and (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (<= |ULTIMATE.start_main_#t~ret23#1| ~unnamed1~0~LIST_BEG))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {76335#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,618 INFO L290 TraceCheckUtils]: 12: Hoare triple {76335#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {76335#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,618 INFO L290 TraceCheckUtils]: 13: Hoare triple {76335#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {76336#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_create_item_~at#1| |ULTIMATE.start_append_one_~to#1|) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,619 INFO L290 TraceCheckUtils]: 14: Hoare triple {76336#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_create_item_~at#1| |ULTIMATE.start_append_one_~to#1|) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {76336#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_create_item_~at#1| |ULTIMATE.start_append_one_~to#1|) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,619 INFO L290 TraceCheckUtils]: 15: Hoare triple {76336#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_create_item_~at#1| |ULTIMATE.start_append_one_~to#1|) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {76337#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (or (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (not |ULTIMATE.start_create_item_#t~switch6#1|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,620 INFO L290 TraceCheckUtils]: 16: Hoare triple {76337#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (<= |ULTIMATE.start_append_one_~to#1| ~unnamed1~0~LIST_BEG) (or (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (not |ULTIMATE.start_create_item_#t~switch6#1|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_NEXT;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_PREV; {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,622 INFO L290 TraceCheckUtils]: 17: Hoare triple {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} havoc create_item_#t~switch6#1; {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,623 INFO L290 TraceCheckUtils]: 18: Hoare triple {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} SUMMARY for call write~$Pointer$(create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1, 4); srcloc: L681 {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,624 INFO L290 TraceCheckUtils]: 19: Hoare triple {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} SUMMARY for call write~$Pointer$(0, 0, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1, 4); srcloc: L681-1 {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,624 INFO L290 TraceCheckUtils]: 20: Hoare triple {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} SUMMARY for call write~int(0, create_item_~item~0#1.base, 8 + create_item_~item~0#1.offset, 1); srcloc: L682 {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,625 INFO L290 TraceCheckUtils]: 21: Hoare triple {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} create_item_~head~0#1.base, create_item_~head~0#1.offset := create_item_~item~0#1.base, create_item_~item~0#1.offset; {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,625 INFO L290 TraceCheckUtils]: 22: Hoare triple {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} assume !(create_item_~link#1.base != 0 || create_item_~link#1.offset != 0); {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,626 INFO L290 TraceCheckUtils]: 23: Hoare triple {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} create_item_#res#1.base, create_item_#res#1.offset := create_item_~head~0#1.base, create_item_~head~0#1.offset; {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,626 INFO L290 TraceCheckUtils]: 24: Hoare triple {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset := create_item_#res#1.base, create_item_#res#1.offset;assume { :end_inline_create_item } true;append_one_~item~1#1.base, append_one_~item~1#1.offset := append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset; {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,627 INFO L290 TraceCheckUtils]: 25: Hoare triple {76338#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |~#list~0.offset|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|))} SUMMARY for call write~$Pointer$(append_one_~item~1#1.base, append_one_~item~1#1.offset, append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L692 {76339#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,628 INFO L290 TraceCheckUtils]: 26: Hoare triple {76339#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} SUMMARY for call append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L692-1 {76339#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,639 INFO L290 TraceCheckUtils]: 27: Hoare triple {76339#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} assume !(0 == append_one_#t~mem9#1.base && 0 == append_one_#t~mem9#1.offset);havoc append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset; {76339#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,640 INFO L290 TraceCheckUtils]: 28: Hoare triple {76339#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} SUMMARY for call append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L693-1 {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,641 INFO L290 TraceCheckUtils]: 29: Hoare triple {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume !(0 == append_one_#t~mem10#1.base && 0 == append_one_#t~mem10#1.offset);havoc append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset; {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,641 INFO L290 TraceCheckUtils]: 30: Hoare triple {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume { :end_inline_append_one } true;havoc main_#t~ret23#1; {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,642 INFO L290 TraceCheckUtils]: 31: Hoare triple {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,642 INFO L290 TraceCheckUtils]: 32: Hoare triple {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:41,642 INFO L272 TraceCheckUtils]: 33: Hoare triple {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} call main_#t~ret23#1 := rand_end_point(); {76327#true} is VALID [2022-02-20 23:45:41,642 INFO L290 TraceCheckUtils]: 34: Hoare triple {76327#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {76327#true} is VALID [2022-02-20 23:45:41,643 INFO L290 TraceCheckUtils]: 35: Hoare triple {76327#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:41,643 INFO L290 TraceCheckUtils]: 36: Hoare triple {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} assume true; {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} is VALID [2022-02-20 23:45:41,644 INFO L284 TraceCheckUtils]: 37: Hoare quadruple {76347#(and (<= ~unnamed1~0~LIST_BEG |rand_end_point_#res|) (<= |rand_end_point_#res| ~unnamed1~0~LIST_BEG))} {76340#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} #259#return; {76345#(and (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (<= (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:41,645 INFO L290 TraceCheckUtils]: 38: Hoare triple {76345#(and (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)) (<= (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {76346#(and (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_append_one_~list#1.offset| 4) (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:41,645 INFO L290 TraceCheckUtils]: 39: Hoare triple {76346#(and (<= (* ~unnamed1~0~LIST_BEG 4) (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)) (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_append_one_~list#1.offset| 4) (+ (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (* ~unnamed1~0~LIST_BEG 4))))} assume !(4 + (append_one_~list#1.offset + 4 * append_one_~to#1) <= #length[append_one_~list#1.base] && 0 <= append_one_~list#1.offset + 4 * append_one_~to#1); {76328#false} is VALID [2022-02-20 23:45:41,646 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 3 proven. 2 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-02-20 23:45:41,646 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:41,646 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [140888812] [2022-02-20 23:45:41,646 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [140888812] provided 0 perfect and 1 imperfect interpolant sequences [2022-02-20 23:45:41,646 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [93690895] [2022-02-20 23:45:41,647 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:41,647 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-02-20 23:45:41,647 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-02-20 23:45:41,651 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-02-20 23:45:41,681 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-02-20 23:45:41,762 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:41,777 INFO L263 TraceCheckSpWp]: Trace formula consists of 237 conjuncts, 27 conjunts are in the unsatisfiable core [2022-02-20 23:45:41,810 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:41,815 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-02-20 23:45:42,357 INFO L290 TraceCheckUtils]: 0: Hoare triple {76327#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,358 INFO L290 TraceCheckUtils]: 1: Hoare triple {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,358 INFO L290 TraceCheckUtils]: 2: Hoare triple {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,359 INFO L290 TraceCheckUtils]: 3: Hoare triple {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,359 INFO L290 TraceCheckUtils]: 4: Hoare triple {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,360 INFO L290 TraceCheckUtils]: 5: Hoare triple {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,360 INFO L272 TraceCheckUtils]: 6: Hoare triple {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} call main_#t~ret23#1 := rand_end_point(); {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,361 INFO L290 TraceCheckUtils]: 7: Hoare triple {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,361 INFO L290 TraceCheckUtils]: 8: Hoare triple {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,362 INFO L290 TraceCheckUtils]: 9: Hoare triple {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume true; {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,362 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} #259#return; {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,363 INFO L290 TraceCheckUtils]: 11: Hoare triple {76351#(and (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,364 INFO L290 TraceCheckUtils]: 12: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,365 INFO L290 TraceCheckUtils]: 13: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,365 INFO L290 TraceCheckUtils]: 14: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,366 INFO L290 TraceCheckUtils]: 15: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,366 INFO L290 TraceCheckUtils]: 16: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_NEXT;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_PREV; {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,367 INFO L290 TraceCheckUtils]: 17: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} havoc create_item_#t~switch6#1; {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,367 INFO L290 TraceCheckUtils]: 18: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} SUMMARY for call write~$Pointer$(create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1, 4); srcloc: L681 {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,368 INFO L290 TraceCheckUtils]: 19: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} SUMMARY for call write~$Pointer$(0, 0, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1, 4); srcloc: L681-1 {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,369 INFO L290 TraceCheckUtils]: 20: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} SUMMARY for call write~int(0, create_item_~item~0#1.base, 8 + create_item_~item~0#1.offset, 1); srcloc: L682 {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,370 INFO L290 TraceCheckUtils]: 21: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} create_item_~head~0#1.base, create_item_~head~0#1.offset := create_item_~item~0#1.base, create_item_~item~0#1.offset; {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,370 INFO L290 TraceCheckUtils]: 22: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume !(create_item_~link#1.base != 0 || create_item_~link#1.offset != 0); {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,371 INFO L290 TraceCheckUtils]: 23: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} create_item_#res#1.base, create_item_#res#1.offset := create_item_~head~0#1.base, create_item_~head~0#1.offset; {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,371 INFO L290 TraceCheckUtils]: 24: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset := create_item_#res#1.base, create_item_#res#1.offset;assume { :end_inline_create_item } true;append_one_~item~1#1.base, append_one_~item~1#1.offset := append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset; {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,372 INFO L290 TraceCheckUtils]: 25: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} SUMMARY for call write~$Pointer$(append_one_~item~1#1.base, append_one_~item~1#1.offset, append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L692 {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,373 INFO L290 TraceCheckUtils]: 26: Hoare triple {76385#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} SUMMARY for call append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L692-1 {76431#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (<= 0 (+ |ULTIMATE.start_append_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,373 INFO L290 TraceCheckUtils]: 27: Hoare triple {76431#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (<= 0 (+ |ULTIMATE.start_append_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= 3 |~#list~0.base|))} assume !(0 == append_one_#t~mem9#1.base && 0 == append_one_#t~mem9#1.offset);havoc append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset; {76431#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (<= 0 (+ |ULTIMATE.start_append_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,374 INFO L290 TraceCheckUtils]: 28: Hoare triple {76431#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |~#list~0.offset| 0) (<= 0 (+ |ULTIMATE.start_append_one_~list#1.offset| (* ~unnamed1~0~LIST_BEG 4))) (= 3 |~#list~0.base|))} SUMMARY for call append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L693-1 {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,375 INFO L290 TraceCheckUtils]: 29: Hoare triple {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume !(0 == append_one_#t~mem10#1.base && 0 == append_one_#t~mem10#1.offset);havoc append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset; {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,375 INFO L290 TraceCheckUtils]: 30: Hoare triple {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume { :end_inline_append_one } true;havoc main_#t~ret23#1; {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,376 INFO L290 TraceCheckUtils]: 31: Hoare triple {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,376 INFO L290 TraceCheckUtils]: 32: Hoare triple {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,377 INFO L272 TraceCheckUtils]: 33: Hoare triple {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} call main_#t~ret23#1 := rand_end_point(); {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,378 INFO L290 TraceCheckUtils]: 34: Hoare triple {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} is VALID [2022-02-20 23:45:42,378 INFO L290 TraceCheckUtils]: 35: Hoare triple {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {76460#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= ~unnamed1~0~LIST_BEG |rand_end_point_#res|))} is VALID [2022-02-20 23:45:42,379 INFO L290 TraceCheckUtils]: 36: Hoare triple {76460#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= ~unnamed1~0~LIST_BEG |rand_end_point_#res|))} assume true; {76460#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= ~unnamed1~0~LIST_BEG |rand_end_point_#res|))} is VALID [2022-02-20 23:45:42,380 INFO L284 TraceCheckUtils]: 37: Hoare quadruple {76460#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= ~unnamed1~0~LIST_BEG |rand_end_point_#res|))} {76438#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|))} #259#return; {76467#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_main_#t~ret23#1|))} is VALID [2022-02-20 23:45:42,380 INFO L290 TraceCheckUtils]: 38: Hoare triple {76467#(and (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| |~#list~0.base|) (* ~unnamed1~0~LIST_BEG 4))) (= |~#list~0.offset| 0) (= 3 |~#list~0.base|) (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_main_#t~ret23#1|))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {76471#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| 3) (* ~unnamed1~0~LIST_BEG 4))) (= 3 |ULTIMATE.start_append_one_~list#1.base|) (= |ULTIMATE.start_append_one_~list#1.offset| 0))} is VALID [2022-02-20 23:45:42,381 INFO L290 TraceCheckUtils]: 39: Hoare triple {76471#(and (= ~unnamed1~0~LIST_BEG |ULTIMATE.start_append_one_~to#1|) (<= (+ (* ~unnamed1~0~LIST_END 4) 4) (+ (select |#length| 3) (* ~unnamed1~0~LIST_BEG 4))) (= 3 |ULTIMATE.start_append_one_~list#1.base|) (= |ULTIMATE.start_append_one_~list#1.offset| 0))} assume !(4 + (append_one_~list#1.offset + 4 * append_one_~to#1) <= #length[append_one_~list#1.base] && 0 <= append_one_~list#1.offset + 4 * append_one_~to#1); {76328#false} is VALID [2022-02-20 23:45:42,382 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 8 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:42,382 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-02-20 23:45:42,656 INFO L356 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2022-02-20 23:45:42,657 INFO L390 Elim1Store]: Elim1 did not use preprocessing eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 30 treesize of output 34 [2022-02-20 23:45:43,070 INFO L290 TraceCheckUtils]: 39: Hoare triple {76475#(and (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 4) (select |#length| |ULTIMATE.start_append_one_~list#1.base|)) (<= 0 (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)))} assume !(4 + (append_one_~list#1.offset + 4 * append_one_~to#1) <= #length[append_one_~list#1.base] && 0 <= append_one_~list#1.offset + 4 * append_one_~to#1); {76328#false} is VALID [2022-02-20 23:45:43,071 INFO L290 TraceCheckUtils]: 38: Hoare triple {76479#(and (<= (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {76475#(and (<= (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset| 4) (select |#length| |ULTIMATE.start_append_one_~list#1.base|)) (<= 0 (+ (* 4 |ULTIMATE.start_append_one_~to#1|) |ULTIMATE.start_append_one_~list#1.offset|)))} is VALID [2022-02-20 23:45:43,072 INFO L284 TraceCheckUtils]: 37: Hoare quadruple {76487#(or (not (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4)))) (and (<= 0 (+ |~#list~0.offset| (* 4 |rand_end_point_#res|))) (<= (+ |~#list~0.offset| 4 (* 4 |rand_end_point_#res|)) (select |#length| |~#list~0.base|))) (not (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|))))} {76483#(and (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} #259#return; {76479#(and (<= (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 (+ (* 4 |ULTIMATE.start_main_#t~ret23#1|) |~#list~0.offset|)))} is VALID [2022-02-20 23:45:43,073 INFO L290 TraceCheckUtils]: 36: Hoare triple {76487#(or (not (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4)))) (and (<= 0 (+ |~#list~0.offset| (* 4 |rand_end_point_#res|))) (<= (+ |~#list~0.offset| 4 (* 4 |rand_end_point_#res|)) (select |#length| |~#list~0.base|))) (not (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|))))} assume true; {76487#(or (not (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4)))) (and (<= 0 (+ |~#list~0.offset| (* 4 |rand_end_point_#res|))) (<= (+ |~#list~0.offset| 4 (* 4 |rand_end_point_#res|)) (select |#length| |~#list~0.base|))) (not (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|))))} is VALID [2022-02-20 23:45:43,073 INFO L290 TraceCheckUtils]: 35: Hoare triple {76327#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {76487#(or (not (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4)))) (and (<= 0 (+ |~#list~0.offset| (* 4 |rand_end_point_#res|))) (<= (+ |~#list~0.offset| 4 (* 4 |rand_end_point_#res|)) (select |#length| |~#list~0.base|))) (not (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|))))} is VALID [2022-02-20 23:45:43,073 INFO L290 TraceCheckUtils]: 34: Hoare triple {76327#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {76327#true} is VALID [2022-02-20 23:45:43,073 INFO L272 TraceCheckUtils]: 33: Hoare triple {76483#(and (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} call main_#t~ret23#1 := rand_end_point(); {76327#true} is VALID [2022-02-20 23:45:43,074 INFO L290 TraceCheckUtils]: 32: Hoare triple {76483#(and (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {76483#(and (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,074 INFO L290 TraceCheckUtils]: 31: Hoare triple {76483#(and (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {76483#(and (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,075 INFO L290 TraceCheckUtils]: 30: Hoare triple {76483#(and (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume { :end_inline_append_one } true;havoc main_#t~ret23#1; {76483#(and (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,075 INFO L290 TraceCheckUtils]: 29: Hoare triple {76483#(and (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !(0 == append_one_#t~mem10#1.base && 0 == append_one_#t~mem10#1.offset);havoc append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset; {76483#(and (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,076 INFO L290 TraceCheckUtils]: 28: Hoare triple {76512#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4)) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_append_one_~list#1.offset|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} SUMMARY for call append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L693-1 {76483#(and (<= (+ |~#list~0.offset| 4 (* ~unnamed1~0~LIST_BEG 4)) (select |#length| |~#list~0.base|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,076 INFO L290 TraceCheckUtils]: 27: Hoare triple {76512#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4)) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_append_one_~list#1.offset|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !(0 == append_one_#t~mem9#1.base && 0 == append_one_#t~mem9#1.offset);havoc append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset; {76512#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4)) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_append_one_~list#1.offset|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,077 INFO L290 TraceCheckUtils]: 26: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} SUMMARY for call append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L692-1 {76512#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4)) (+ (* ~unnamed1~0~LIST_END 4) |ULTIMATE.start_append_one_~list#1.offset|)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,078 INFO L290 TraceCheckUtils]: 25: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} SUMMARY for call write~$Pointer$(append_one_~item~1#1.base, append_one_~item~1#1.offset, append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L692 {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,078 INFO L290 TraceCheckUtils]: 24: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset := create_item_#res#1.base, create_item_#res#1.offset;assume { :end_inline_create_item } true;append_one_~item~1#1.base, append_one_~item~1#1.offset := append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset; {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,079 INFO L290 TraceCheckUtils]: 23: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} create_item_#res#1.base, create_item_#res#1.offset := create_item_~head~0#1.base, create_item_~head~0#1.offset; {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,079 INFO L290 TraceCheckUtils]: 22: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !(create_item_~link#1.base != 0 || create_item_~link#1.offset != 0); {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,079 INFO L290 TraceCheckUtils]: 21: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} create_item_~head~0#1.base, create_item_~head~0#1.offset := create_item_~item~0#1.base, create_item_~item~0#1.offset; {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,080 INFO L290 TraceCheckUtils]: 20: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} SUMMARY for call write~int(0, create_item_~item~0#1.base, 8 + create_item_~item~0#1.offset, 1); srcloc: L682 {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,081 INFO L290 TraceCheckUtils]: 19: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} SUMMARY for call write~$Pointer$(0, 0, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1, 4); srcloc: L681-1 {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,081 INFO L290 TraceCheckUtils]: 18: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} SUMMARY for call write~$Pointer$(create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1, 4); srcloc: L681 {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,082 INFO L290 TraceCheckUtils]: 17: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} havoc create_item_#t~switch6#1; {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,082 INFO L290 TraceCheckUtils]: 16: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_NEXT;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_PREV; {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,083 INFO L290 TraceCheckUtils]: 15: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,083 INFO L290 TraceCheckUtils]: 14: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,084 INFO L290 TraceCheckUtils]: 13: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,085 INFO L290 TraceCheckUtils]: 12: Hoare triple {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,085 INFO L290 TraceCheckUtils]: 11: Hoare triple {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {76519#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,086 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {76327#true} {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} #259#return; {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,086 INFO L290 TraceCheckUtils]: 9: Hoare triple {76327#true} assume true; {76327#true} is VALID [2022-02-20 23:45:43,086 INFO L290 TraceCheckUtils]: 8: Hoare triple {76327#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {76327#true} is VALID [2022-02-20 23:45:43,086 INFO L290 TraceCheckUtils]: 7: Hoare triple {76327#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {76327#true} is VALID [2022-02-20 23:45:43,086 INFO L272 TraceCheckUtils]: 6: Hoare triple {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} call main_#t~ret23#1 := rand_end_point(); {76327#true} is VALID [2022-02-20 23:45:43,086 INFO L290 TraceCheckUtils]: 5: Hoare triple {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,087 INFO L290 TraceCheckUtils]: 4: Hoare triple {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,087 INFO L290 TraceCheckUtils]: 3: Hoare triple {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,088 INFO L290 TraceCheckUtils]: 2: Hoare triple {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,088 INFO L290 TraceCheckUtils]: 1: Hoare triple {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,089 INFO L290 TraceCheckUtils]: 0: Hoare triple {76327#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {76565#(and (<= (+ (* ~unnamed1~0~LIST_BEG 8) |~#list~0.offset|) (* ~unnamed1~0~LIST_END 4)) (<= 0 (+ |~#list~0.offset| (* ~unnamed1~0~LIST_BEG 4))))} is VALID [2022-02-20 23:45:43,089 INFO L134 CoverageAnalysis]: Checked inductivity of 9 backedges. 2 proven. 5 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-02-20 23:45:43,089 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleZ3 [93690895] provided 0 perfect and 2 imperfect interpolant sequences [2022-02-20 23:45:43,090 INFO L191 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-02-20 23:45:43,090 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 7, 8] total 26 [2022-02-20 23:45:43,090 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [846037351] [2022-02-20 23:45:43,090 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-02-20 23:45:43,090 INFO L78 Accepts]: Start accepts. Automaton has has 27 states, 26 states have (on average 3.9615384615384617) internal successors, (103), 23 states have internal predecessors, (103), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) Word has length 40 [2022-02-20 23:45:43,091 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:43,091 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 27 states, 26 states have (on average 3.9615384615384617) internal successors, (103), 23 states have internal predecessors, (103), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 23:45:43,187 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 115 edges. 115 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:43,187 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 27 states [2022-02-20 23:45:43,187 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:43,187 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2022-02-20 23:45:43,187 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=116, Invalid=586, Unknown=0, NotChecked=0, Total=702 [2022-02-20 23:45:43,188 INFO L87 Difference]: Start difference. First operand 568 states and 773 transitions. Second operand has 27 states, 26 states have (on average 3.9615384615384617) internal successors, (103), 23 states have internal predecessors, (103), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 23:45:46,864 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:46,865 INFO L93 Difference]: Finished difference Result 856 states and 1118 transitions. [2022-02-20 23:45:46,865 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-02-20 23:45:46,865 INFO L78 Accepts]: Start accepts. Automaton has has 27 states, 26 states have (on average 3.9615384615384617) internal successors, (103), 23 states have internal predecessors, (103), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) Word has length 40 [2022-02-20 23:45:46,865 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-02-20 23:45:46,865 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 27 states, 26 states have (on average 3.9615384615384617) internal successors, (103), 23 states have internal predecessors, (103), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 23:45:46,867 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 15 states to 15 states and 385 transitions. [2022-02-20 23:45:46,867 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 27 states, 26 states have (on average 3.9615384615384617) internal successors, (103), 23 states have internal predecessors, (103), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 23:45:46,869 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 15 states to 15 states and 385 transitions. [2022-02-20 23:45:46,869 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with 15 states and 385 transitions. [2022-02-20 23:45:47,198 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 385 edges. 385 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:47,219 INFO L225 Difference]: With dead ends: 856 [2022-02-20 23:45:47,219 INFO L226 Difference]: Without dead ends: 856 [2022-02-20 23:45:47,220 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 105 GetRequests, 70 SyntacticMatches, 0 SemanticMatches, 35 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 275 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=312, Invalid=1020, Unknown=0, NotChecked=0, Total=1332 [2022-02-20 23:45:47,220 INFO L933 BasicCegarLoop]: 208 mSDtfsCounter, 2388 mSDsluCounter, 1473 mSDsCounter, 0 mSdLazyCounter, 681 mSolverCounterSat, 146 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2392 SdHoareTripleChecker+Valid, 1681 SdHoareTripleChecker+Invalid, 827 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 146 IncrementalHoareTripleChecker+Valid, 681 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-02-20 23:45:47,220 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [2392 Valid, 1681 Invalid, 827 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [146 Valid, 681 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-02-20 23:45:47,221 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 856 states. [2022-02-20 23:45:47,227 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 856 to 563. [2022-02-20 23:45:47,228 INFO L214 AbstractMinimizeNwa]: Start testing correctness of minimizeSevpa [2022-02-20 23:45:47,228 INFO L82 GeneralOperation]: Start isEquivalent. First operand 856 states. Second operand has 563 states, 496 states have (on average 1.4375) internal successors, (713), 531 states have internal predecessors, (713), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 24 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:47,229 INFO L74 IsIncluded]: Start isIncluded. First operand 856 states. Second operand has 563 states, 496 states have (on average 1.4375) internal successors, (713), 531 states have internal predecessors, (713), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 24 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:47,229 INFO L87 Difference]: Start difference. First operand 856 states. Second operand has 563 states, 496 states have (on average 1.4375) internal successors, (713), 531 states have internal predecessors, (713), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 24 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:47,261 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:47,261 INFO L93 Difference]: Finished difference Result 856 states and 1118 transitions. [2022-02-20 23:45:47,261 INFO L276 IsEmpty]: Start isEmpty. Operand 856 states and 1118 transitions. [2022-02-20 23:45:47,262 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:47,262 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:47,262 INFO L74 IsIncluded]: Start isIncluded. First operand has 563 states, 496 states have (on average 1.4375) internal successors, (713), 531 states have internal predecessors, (713), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 24 states have call predecessors, (32), 16 states have call successors, (32) Second operand 856 states. [2022-02-20 23:45:47,262 INFO L87 Difference]: Start difference. First operand has 563 states, 496 states have (on average 1.4375) internal successors, (713), 531 states have internal predecessors, (713), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 24 states have call predecessors, (32), 16 states have call successors, (32) Second operand 856 states. [2022-02-20 23:45:47,296 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-02-20 23:45:47,296 INFO L93 Difference]: Finished difference Result 856 states and 1118 transitions. [2022-02-20 23:45:47,296 INFO L276 IsEmpty]: Start isEmpty. Operand 856 states and 1118 transitions. [2022-02-20 23:45:47,297 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-02-20 23:45:47,297 INFO L83 IsIncluded]: Finished isIncluded. Language is included [2022-02-20 23:45:47,297 INFO L88 GeneralOperation]: Finished isEquivalent. [2022-02-20 23:45:47,297 INFO L221 AbstractMinimizeNwa]: Finished testing correctness of minimizeSevpa [2022-02-20 23:45:47,298 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 563 states, 496 states have (on average 1.4375) internal successors, (713), 531 states have internal predecessors, (713), 16 states have call successors, (16), 7 states have call predecessors, (16), 14 states have return successors, (32), 24 states have call predecessors, (32), 16 states have call successors, (32) [2022-02-20 23:45:47,313 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 563 states to 563 states and 761 transitions. [2022-02-20 23:45:47,313 INFO L78 Accepts]: Start accepts. Automaton has 563 states and 761 transitions. Word has length 40 [2022-02-20 23:45:47,314 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-02-20 23:45:47,314 INFO L470 AbstractCegarLoop]: Abstraction has 563 states and 761 transitions. [2022-02-20 23:45:47,314 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 27 states, 26 states have (on average 3.9615384615384617) internal successors, (103), 23 states have internal predecessors, (103), 6 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2022-02-20 23:45:47,314 INFO L276 IsEmpty]: Start isEmpty. Operand 563 states and 761 transitions. [2022-02-20 23:45:47,314 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-02-20 23:45:47,315 INFO L506 BasicCegarLoop]: Found error trace [2022-02-20 23:45:47,315 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-02-20 23:45:47,342 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-02-20 23:45:47,531 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable37 [2022-02-20 23:45:47,531 INFO L402 AbstractCegarLoop]: === Iteration 39 === Targeting ULTIMATE.startErr50REQUIRES_VIOLATION === [ULTIMATE.startErr0REQUIRES_VIOLATION, ULTIMATE.startErr1REQUIRES_VIOLATION, ULTIMATE.startErr2REQUIRES_VIOLATION, ULTIMATE.startErr3REQUIRES_VIOLATION (and 53 more)] === [2022-02-20 23:45:47,532 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-02-20 23:45:47,532 INFO L85 PathProgramCache]: Analyzing trace with hash 112861475, now seen corresponding path program 1 times [2022-02-20 23:45:47,532 INFO L126 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-02-20 23:45:47,532 INFO L338 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [218761976] [2022-02-20 23:45:47,532 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-02-20 23:45:47,532 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-02-20 23:45:47,566 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:47,649 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 6 [2022-02-20 23:45:47,651 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-02-20 23:45:47,653 INFO L290 TraceCheckUtils]: 0: Hoare triple {79750#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {79750#true} is VALID [2022-02-20 23:45:47,653 INFO L290 TraceCheckUtils]: 1: Hoare triple {79750#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {79750#true} is VALID [2022-02-20 23:45:47,653 INFO L290 TraceCheckUtils]: 2: Hoare triple {79750#true} assume true; {79750#true} is VALID [2022-02-20 23:45:47,653 INFO L284 TraceCheckUtils]: 3: Hoare quadruple {79750#true} {79752#(<= 0 |~#list~0.offset|)} #259#return; {79752#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:47,654 INFO L290 TraceCheckUtils]: 0: Hoare triple {79750#true} assume { :begin_inline_ULTIMATE.init } true;#NULL.base, #NULL.offset := 0, 0;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;call #Ultimate.allocInit(2, 1);call write~init~int(48, 1, 0, 1);call write~init~int(0, 1, 1, 1);call #Ultimate.allocInit(12, 2);~#list~0.base, ~#list~0.offset := 3, 0;call #Ultimate.allocInit(8, 3);call write~init~$Pointer$(0, 0, ~#list~0.base, ~#list~0.offset, 4);call write~init~$Pointer$(0, 0, ~#list~0.base, 4 + ~#list~0.offset, 4); {79752#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:47,654 INFO L290 TraceCheckUtils]: 1: Hoare triple {79752#(<= 0 |~#list~0.offset|)} assume { :end_inline_ULTIMATE.init } true;main_old_#valid#1 := #valid;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~ret23#1, main_#t~nondet22#1, main_#t~ret25#1, main_#t~nondet24#1, main_#t~nondet21#1, main_#t~nondet26#1, main_#t~mem27#1.base, main_#t~mem27#1.offset, main_#t~mem28#1.base, main_#t~mem28#1.offset, main_~next~1#1.base, main_~next~1#1.offset, main_~end_point~0#1, main_~direction~0#1, main_~cursor~0#1.base, main_~cursor~0#1.offset; {79752#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:47,655 INFO L290 TraceCheckUtils]: 2: Hoare triple {79752#(<= 0 |~#list~0.offset|)} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {79752#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:47,655 INFO L290 TraceCheckUtils]: 3: Hoare triple {79752#(<= 0 |~#list~0.offset|)} assume !!(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {79752#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:47,656 INFO L290 TraceCheckUtils]: 4: Hoare triple {79752#(<= 0 |~#list~0.offset|)} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {79752#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:47,656 INFO L290 TraceCheckUtils]: 5: Hoare triple {79752#(<= 0 |~#list~0.offset|)} assume !!(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {79752#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:47,656 INFO L272 TraceCheckUtils]: 6: Hoare triple {79752#(<= 0 |~#list~0.offset|)} call main_#t~ret23#1 := rand_end_point(); {79750#true} is VALID [2022-02-20 23:45:47,656 INFO L290 TraceCheckUtils]: 7: Hoare triple {79750#true} assume -2147483648 <= #t~nondet20 && #t~nondet20 <= 2147483647; {79750#true} is VALID [2022-02-20 23:45:47,656 INFO L290 TraceCheckUtils]: 8: Hoare triple {79750#true} assume 0 != #t~nondet20;havoc #t~nondet20;#res := ~unnamed1~0~LIST_BEG; {79750#true} is VALID [2022-02-20 23:45:47,656 INFO L290 TraceCheckUtils]: 9: Hoare triple {79750#true} assume true; {79750#true} is VALID [2022-02-20 23:45:47,657 INFO L284 TraceCheckUtils]: 10: Hoare quadruple {79750#true} {79752#(<= 0 |~#list~0.offset|)} #259#return; {79752#(<= 0 |~#list~0.offset|)} is VALID [2022-02-20 23:45:47,657 INFO L290 TraceCheckUtils]: 11: Hoare triple {79752#(<= 0 |~#list~0.offset|)} assume -2147483648 <= main_#t~ret23#1 && main_#t~ret23#1 <= 2147483647;assume { :begin_inline_append_one } true;append_one_#in~list#1.base, append_one_#in~list#1.offset, append_one_#in~to#1 := ~#list~0.base, ~#list~0.offset, main_#t~ret23#1;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset, append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset, append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset, append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset, append_one_~list#1.base, append_one_~list#1.offset, append_one_~to#1, append_one_~item~1#1.base, append_one_~item~1#1.offset;append_one_~list#1.base, append_one_~list#1.offset := append_one_#in~list#1.base, append_one_#in~list#1.offset;append_one_~to#1 := append_one_#in~to#1; {79757#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,658 INFO L290 TraceCheckUtils]: 12: Hoare triple {79757#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} SUMMARY for call append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L691 {79757#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,659 INFO L290 TraceCheckUtils]: 13: Hoare triple {79757#(and (= |ULTIMATE.start_append_one_~list#1.base| |~#list~0.base|) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} assume { :begin_inline_create_item } true;create_item_#in~at#1, create_item_#in~link#1.base, create_item_#in~link#1.offset := append_one_~to#1, append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc create_item_#res#1.base, create_item_#res#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset, create_item_#t~switch6#1, create_item_~at#1, create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset, create_item_~term_field~0#1, create_item_~link_field~0#1, create_item_~head~0#1.base, create_item_~head~0#1.offset;create_item_~at#1 := create_item_#in~at#1;create_item_~link#1.base, create_item_~link#1.offset := create_item_#in~link#1.base, create_item_#in~link#1.offset;call create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset := #Ultimate.allocOnHeap(265);create_item_~item~0#1.base, create_item_~item~0#1.offset := create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset;havoc create_item_#t~malloc5#1.base, create_item_#t~malloc5#1.offset; {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,659 INFO L290 TraceCheckUtils]: 14: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} assume !(create_item_~item~0#1.base == 0 && create_item_~item~0#1.offset == 0); {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,660 INFO L290 TraceCheckUtils]: 15: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} havoc create_item_~term_field~0#1;havoc create_item_~link_field~0#1;create_item_#t~switch6#1 := create_item_~at#1 == ~unnamed1~0~LIST_BEG; {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,660 INFO L290 TraceCheckUtils]: 16: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} assume create_item_#t~switch6#1;create_item_~link_field~0#1 := ~unnamed2~0~ITEM_NEXT;create_item_~term_field~0#1 := ~unnamed2~0~ITEM_PREV; {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,661 INFO L290 TraceCheckUtils]: 17: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} havoc create_item_#t~switch6#1; {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,661 INFO L290 TraceCheckUtils]: 18: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} SUMMARY for call write~$Pointer$(create_item_~link#1.base, create_item_~link#1.offset, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~link_field~0#1, 4); srcloc: L681 {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,662 INFO L290 TraceCheckUtils]: 19: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} SUMMARY for call write~$Pointer$(0, 0, create_item_~item~0#1.base, create_item_~item~0#1.offset + 4 * create_item_~term_field~0#1, 4); srcloc: L681-1 {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,663 INFO L290 TraceCheckUtils]: 20: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} SUMMARY for call write~int(0, create_item_~item~0#1.base, 8 + create_item_~item~0#1.offset, 1); srcloc: L682 {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,663 INFO L290 TraceCheckUtils]: 21: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} create_item_~head~0#1.base, create_item_~head~0#1.offset := create_item_~item~0#1.base, create_item_~item~0#1.offset; {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,664 INFO L290 TraceCheckUtils]: 22: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} assume !(create_item_~link#1.base != 0 || create_item_~link#1.offset != 0); {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,664 INFO L290 TraceCheckUtils]: 23: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} create_item_#res#1.base, create_item_#res#1.offset := create_item_~head~0#1.base, create_item_~head~0#1.offset; {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,665 INFO L290 TraceCheckUtils]: 24: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset := create_item_#res#1.base, create_item_#res#1.offset;assume { :end_inline_create_item } true;append_one_~item~1#1.base, append_one_~item~1#1.offset := append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset;havoc append_one_#t~mem7#1.base, append_one_#t~mem7#1.offset;havoc append_one_#t~ret8#1.base, append_one_#t~ret8#1.offset; {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,666 INFO L290 TraceCheckUtils]: 25: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} SUMMARY for call write~$Pointer$(append_one_~item~1#1.base, append_one_~item~1#1.offset, append_one_~list#1.base, append_one_~list#1.offset + 4 * append_one_~to#1, 4); srcloc: L692 {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,666 INFO L290 TraceCheckUtils]: 26: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} SUMMARY for call append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_BEG, 4); srcloc: L692-1 {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,667 INFO L290 TraceCheckUtils]: 27: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} assume !(0 == append_one_#t~mem9#1.base && 0 == append_one_#t~mem9#1.offset);havoc append_one_#t~mem9#1.base, append_one_#t~mem9#1.offset; {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,667 INFO L290 TraceCheckUtils]: 28: Hoare triple {79758#(and (= (select |#length| |ULTIMATE.start_append_one_~list#1.base|) (select |#length| |~#list~0.base|)) (= |ULTIMATE.start_append_one_~list#1.offset| |~#list~0.offset|) (<= 0 |~#list~0.offset|))} SUMMARY for call append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset := read~$Pointer$(append_one_~list#1.base, append_one_~list#1.offset + 4 * ~unnamed1~0~LIST_END, 4); srcloc: L693-1 {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,668 INFO L290 TraceCheckUtils]: 29: Hoare triple {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume !(0 == append_one_#t~mem10#1.base && 0 == append_one_#t~mem10#1.offset);havoc append_one_#t~mem10#1.base, append_one_#t~mem10#1.offset; {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,668 INFO L290 TraceCheckUtils]: 30: Hoare triple {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume { :end_inline_append_one } true;havoc main_#t~ret23#1; {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,669 INFO L290 TraceCheckUtils]: 31: Hoare triple {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume -2147483648 <= main_#t~nondet22#1 && main_#t~nondet22#1 <= 2147483647; {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,669 INFO L290 TraceCheckUtils]: 32: Hoare triple {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume !(0 != main_#t~nondet22#1);havoc main_#t~nondet22#1; {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,670 INFO L290 TraceCheckUtils]: 33: Hoare triple {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume -2147483648 <= main_#t~nondet24#1 && main_#t~nondet24#1 <= 2147483647; {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,670 INFO L290 TraceCheckUtils]: 34: Hoare triple {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume !(0 != main_#t~nondet24#1);havoc main_#t~nondet24#1; {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,671 INFO L290 TraceCheckUtils]: 35: Hoare triple {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume -2147483648 <= main_#t~nondet21#1 && main_#t~nondet21#1 <= 2147483647; {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,671 INFO L290 TraceCheckUtils]: 36: Hoare triple {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume !(0 != main_#t~nondet21#1);havoc main_#t~nondet21#1; {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,672 INFO L290 TraceCheckUtils]: 37: Hoare triple {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} havoc main_~end_point~0#1;havoc main_~direction~0#1;assume -2147483648 <= main_#t~nondet26#1 && main_#t~nondet26#1 <= 2147483647; {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} is VALID [2022-02-20 23:45:47,672 INFO L290 TraceCheckUtils]: 38: Hoare triple {79759#(and (<= (+ (* ~unnamed1~0~LIST_END 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)) (<= 0 |~#list~0.offset|))} assume !(0 != main_#t~nondet26#1);havoc main_#t~nondet26#1;main_~end_point~0#1 := ~unnamed1~0~LIST_END;main_~direction~0#1 := ~unnamed2~0~ITEM_PREV; {79760#(and (<= (* ~unnamed1~0~LIST_END 4) (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|)) (<= (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)))} is VALID [2022-02-20 23:45:47,673 INFO L290 TraceCheckUtils]: 39: Hoare triple {79760#(and (<= (* ~unnamed1~0~LIST_END 4) (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset|)) (<= (+ (* |ULTIMATE.start_main_~end_point~0#1| 4) |~#list~0.offset| 4) (select |#length| |~#list~0.base|)))} assume !(4 + (~#list~0.offset + 4 * main_~end_point~0#1) <= #length[~#list~0.base] && 0 <= ~#list~0.offset + 4 * main_~end_point~0#1); {79751#false} is VALID [2022-02-20 23:45:47,673 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-02-20 23:45:47,674 INFO L144 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-02-20 23:45:47,674 INFO L338 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [218761976] [2022-02-20 23:45:47,674 INFO L165 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [218761976] provided 1 perfect and 0 imperfect interpolant sequences [2022-02-20 23:45:47,674 INFO L191 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-02-20 23:45:47,674 INFO L204 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-02-20 23:45:47,674 INFO L118 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [888386701] [2022-02-20 23:45:47,674 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-02-20 23:45:47,675 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 6.333333333333333) internal successors, (38), 7 states have internal predecessors, (38), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 40 [2022-02-20 23:45:47,675 INFO L84 Accepts]: Finished accepts. word is accepted. [2022-02-20 23:45:47,676 INFO L86 InductivityCheck]: Starting indutivity check of a Floyd-Hoare automaton with has 7 states, 6 states have (on average 6.333333333333333) internal successors, (38), 7 states have internal predecessors, (38), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-02-20 23:45:47,708 INFO L122 InductivityCheck]: Floyd-Hoare automaton has 40 edges. 40 inductive. 0 not inductive. 0 times theorem prover too weak to decide inductivity. [2022-02-20 23:45:47,709 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-02-20 23:45:47,709 INFO L108 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-02-20 23:45:47,709 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-02-20 23:45:47,709 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-02-20 23:45:47,710 INFO L87 Difference]: Start difference. First operand 563 states and 761 transitions. Second operand has 7 states, 6 states have (on average 6.333333333333333) internal successors, (38), 7 states have internal predecessors, (38), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1)