./Ultimate.py --spec ../../sv-benchmarks/c/properties/valid-memsafety.prp --file ../../sv-benchmarks/c/ldv-memsafety/memleaks_test18_3.i --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 38b53e6a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/config/AutomizerMemDerefMemtrack.xml -i ../../sv-benchmarks/c/ldv-memsafety/memleaks_test18_3.i -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1df58a12292e53aa25870e709e17978d63a0e61d4dd56fb439981d66ecb6b925 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-38b53e6 [2022-11-25 17:57:36,810 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-25 17:57:36,814 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-25 17:57:36,865 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-25 17:57:36,866 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-25 17:57:36,871 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-25 17:57:36,874 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-25 17:57:36,877 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-25 17:57:36,880 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-25 17:57:36,887 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-25 17:57:36,888 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-25 17:57:36,891 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-25 17:57:36,892 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-25 17:57:36,895 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-25 17:57:36,898 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-25 17:57:36,902 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-25 17:57:36,904 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-25 17:57:36,905 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-25 17:57:36,907 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-25 17:57:36,915 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-25 17:57:36,917 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-25 17:57:36,920 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-25 17:57:36,921 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-25 17:57:36,923 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-25 17:57:36,935 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-25 17:57:36,935 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-25 17:57:36,936 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-25 17:57:36,939 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-25 17:57:36,940 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-25 17:57:36,941 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-25 17:57:36,941 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-25 17:57:36,942 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-25 17:57:36,945 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-25 17:57:36,947 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-25 17:57:36,949 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-25 17:57:36,949 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-25 17:57:36,950 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-25 17:57:36,951 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-25 17:57:36,952 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-25 17:57:36,954 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-25 17:57:36,955 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-25 17:57:36,956 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Default.epf [2022-11-25 17:57:37,005 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-25 17:57:37,006 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-25 17:57:37,007 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-25 17:57:37,007 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-25 17:57:37,008 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-25 17:57:37,009 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-25 17:57:37,010 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-25 17:57:37,010 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-25 17:57:37,011 INFO L138 SettingsManager]: * Use SBE=true [2022-11-25 17:57:37,011 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-25 17:57:37,013 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-25 17:57:37,013 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-11-25 17:57:37,013 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-25 17:57:37,014 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-25 17:57:37,014 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-25 17:57:37,014 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-11-25 17:57:37,015 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-11-25 17:57:37,015 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-11-25 17:57:37,015 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-25 17:57:37,016 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-11-25 17:57:37,016 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-25 17:57:37,016 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-25 17:57:37,017 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-25 17:57:37,017 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-25 17:57:37,017 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-25 17:57:37,017 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-25 17:57:37,018 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-25 17:57:37,018 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-25 17:57:37,019 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-25 17:57:37,019 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-25 17:57:37,019 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-25 17:57:37,020 INFO L138 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2022-11-25 17:57:37,020 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-11-25 17:57:37,020 INFO L138 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1df58a12292e53aa25870e709e17978d63a0e61d4dd56fb439981d66ecb6b925 [2022-11-25 17:57:37,432 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-25 17:57:37,472 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-25 17:57:37,476 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-25 17:57:37,478 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-25 17:57:37,479 INFO L275 PluginConnector]: CDTParser initialized [2022-11-25 17:57:37,480 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/../../sv-benchmarks/c/ldv-memsafety/memleaks_test18_3.i [2022-11-25 17:57:41,424 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-25 17:57:41,757 INFO L351 CDTParser]: Found 1 translation units. [2022-11-25 17:57:41,758 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/sv-benchmarks/c/ldv-memsafety/memleaks_test18_3.i [2022-11-25 17:57:41,775 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/data/801225902/ff4f834cc17e49779943f9c607a9e1f8/FLAGc48939a75 [2022-11-25 17:57:41,795 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/data/801225902/ff4f834cc17e49779943f9c607a9e1f8 [2022-11-25 17:57:41,798 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-25 17:57:41,800 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-25 17:57:41,803 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-25 17:57:41,803 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-25 17:57:41,808 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-25 17:57:41,809 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 25.11 05:57:41" (1/1) ... [2022-11-25 17:57:41,811 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7c543531 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:41, skipping insertion in model container [2022-11-25 17:57:41,811 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 25.11 05:57:41" (1/1) ... [2022-11-25 17:57:41,821 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-25 17:57:41,898 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-25 17:57:42,416 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-25 17:57:42,449 ERROR L326 MainTranslator]: Unsupported Syntax: Found a cast between two array/pointer types of different sizes while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) [2022-11-25 17:57:42,450 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.CACSL2BoogieTranslatorObserver@1db1ecad and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:42, skipping insertion in model container [2022-11-25 17:57:42,451 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-25 17:57:42,451 INFO L184 ToolchainWalker]: Toolchain execution was canceled (user or tool) before executing de.uni_freiburg.informatik.ultimate.boogie.procedureinliner [2022-11-25 17:57:42,456 INFO L158 Benchmark]: Toolchain (without parser) took 654.32ms. Allocated memory was 138.4MB in the beginning and 184.5MB in the end (delta: 46.1MB). Free memory was 72.9MB in the beginning and 145.1MB in the end (delta: -72.2MB). Peak memory consumption was 12.2MB. Max. memory is 16.1GB. [2022-11-25 17:57:42,457 INFO L158 Benchmark]: CDTParser took 0.35ms. Allocated memory is still 138.4MB. Free memory is still 107.2MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-25 17:57:42,459 INFO L158 Benchmark]: CACSL2BoogieTranslator took 648.57ms. Allocated memory was 138.4MB in the beginning and 184.5MB in the end (delta: 46.1MB). Free memory was 72.5MB in the beginning and 145.1MB in the end (delta: -72.6MB). Peak memory consumption was 12.2MB. Max. memory is 16.1GB. [2022-11-25 17:57:42,462 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.35ms. Allocated memory is still 138.4MB. Free memory is still 107.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 648.57ms. Allocated memory was 138.4MB in the beginning and 184.5MB in the end (delta: 46.1MB). Free memory was 72.5MB in the beginning and 145.1MB in the end (delta: -72.6MB). Peak memory consumption was 12.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - UnsupportedSyntaxResult [Line: 576]: Unsupported Syntax Found a cast between two array/pointer types of different sizes while using memory model HoenickeLindenmann_Original (while Not using bitvector translation) RESULT: Ultimate could not prove your program: Toolchain returned no result. Received shutdown request... --- End real Ultimate output --- Execution finished normally Using bit-precise analysis Retrying with bit-precise analysis ### Bit-precise run ### Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/config/AutomizerMemDerefMemtrack.xml -i ../../sv-benchmarks/c/ldv-memsafety/memleaks_test18_3.i -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1df58a12292e53aa25870e709e17978d63a0e61d4dd56fb439981d66ecb6b925 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-38b53e6 [2022-11-25 17:57:45,331 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-25 17:57:45,334 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-25 17:57:45,385 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-25 17:57:45,386 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-25 17:57:45,390 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-25 17:57:45,393 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-25 17:57:45,397 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-25 17:57:45,400 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-25 17:57:45,407 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-25 17:57:45,409 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-25 17:57:45,412 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-25 17:57:45,413 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-25 17:57:45,415 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-25 17:57:45,417 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-25 17:57:45,425 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-25 17:57:45,427 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-25 17:57:45,428 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-25 17:57:45,430 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-25 17:57:45,436 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-25 17:57:45,438 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-25 17:57:45,441 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-25 17:57:45,443 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-25 17:57:45,444 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-25 17:57:45,456 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-25 17:57:45,457 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-25 17:57:45,458 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-25 17:57:45,460 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-25 17:57:45,461 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-25 17:57:45,462 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-25 17:57:45,463 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-25 17:57:45,464 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-25 17:57:45,466 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-25 17:57:45,468 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-25 17:57:45,469 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-25 17:57:45,489 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-25 17:57:45,490 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-25 17:57:45,491 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-25 17:57:45,491 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-25 17:57:45,493 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-25 17:57:45,494 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-25 17:57:45,496 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/config/svcomp-DerefFreeMemtrack-32bit-Automizer_Bitvector.epf [2022-11-25 17:57:45,546 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-25 17:57:45,547 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-25 17:57:45,549 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-25 17:57:45,549 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-25 17:57:45,551 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-25 17:57:45,551 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-25 17:57:45,552 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-25 17:57:45,553 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-25 17:57:45,553 INFO L138 SettingsManager]: * Use SBE=true [2022-11-25 17:57:45,553 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-25 17:57:45,555 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-25 17:57:45,555 INFO L138 SettingsManager]: * Check unreachability of error function in SV-COMP mode=false [2022-11-25 17:57:45,555 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-25 17:57:45,556 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-25 17:57:45,556 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-25 17:57:45,556 INFO L138 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2022-11-25 17:57:45,557 INFO L138 SettingsManager]: * Bitprecise bitfields=true [2022-11-25 17:57:45,557 INFO L138 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2022-11-25 17:57:45,557 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-25 17:57:45,558 INFO L138 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2022-11-25 17:57:45,558 INFO L138 SettingsManager]: * Use bitvectors instead of ints=true [2022-11-25 17:57:45,558 INFO L138 SettingsManager]: * Memory model=HoenickeLindenmann_4ByteResolution [2022-11-25 17:57:45,558 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-25 17:57:45,559 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-25 17:57:45,559 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-25 17:57:45,560 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-25 17:57:45,560 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-25 17:57:45,560 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-25 17:57:45,561 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-25 17:57:45,561 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-25 17:57:45,561 INFO L138 SettingsManager]: * Trace refinement strategy=WOLF [2022-11-25 17:57:45,561 INFO L138 SettingsManager]: * Command for external solver=cvc4 --incremental --print-success --lang smt [2022-11-25 17:57:45,562 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-25 17:57:45,562 INFO L138 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2022-11-25 17:57:45,563 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-11-25 17:57:45,563 INFO L138 SettingsManager]: * Logic for external solver=AUFBV [2022-11-25 17:57:45,563 INFO L138 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1df58a12292e53aa25870e709e17978d63a0e61d4dd56fb439981d66ecb6b925 [2022-11-25 17:57:46,111 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-25 17:57:46,147 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-25 17:57:46,150 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-25 17:57:46,152 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-25 17:57:46,153 INFO L275 PluginConnector]: CDTParser initialized [2022-11-25 17:57:46,155 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/../../sv-benchmarks/c/ldv-memsafety/memleaks_test18_3.i [2022-11-25 17:57:50,135 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-25 17:57:50,488 INFO L351 CDTParser]: Found 1 translation units. [2022-11-25 17:57:50,489 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/sv-benchmarks/c/ldv-memsafety/memleaks_test18_3.i [2022-11-25 17:57:50,505 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/data/52be1b5b3/ce409ea59e8d4d28b249c411aef7d5f5/FLAGd1d71c2a8 [2022-11-25 17:57:50,541 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/data/52be1b5b3/ce409ea59e8d4d28b249c411aef7d5f5 [2022-11-25 17:57:50,544 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-25 17:57:50,546 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-25 17:57:50,550 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-25 17:57:50,551 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-25 17:57:50,558 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-25 17:57:50,559 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 25.11 05:57:50" (1/1) ... [2022-11-25 17:57:50,561 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3b0e61ca and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:50, skipping insertion in model container [2022-11-25 17:57:50,562 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 25.11 05:57:50" (1/1) ... [2022-11-25 17:57:50,571 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-25 17:57:50,622 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-25 17:57:51,221 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-25 17:57:51,245 INFO L200 MainTranslator]: Restarting translation with changed settings: SettingsChange [mNewPreferredMemoryModel=HoenickeLindenmann_1ByteResolution] [2022-11-25 17:57:51,256 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-25 17:57:51,308 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-25 17:57:51,317 INFO L203 MainTranslator]: Completed pre-run [2022-11-25 17:57:51,392 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-25 17:57:51,458 INFO L208 MainTranslator]: Completed translation [2022-11-25 17:57:51,459 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51 WrapperNode [2022-11-25 17:57:51,459 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-25 17:57:51,460 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-25 17:57:51,460 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-25 17:57:51,461 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-25 17:57:51,470 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (1/1) ... [2022-11-25 17:57:51,500 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (1/1) ... [2022-11-25 17:57:51,528 INFO L138 Inliner]: procedures = 165, calls = 70, calls flagged for inlining = 21, calls inlined = 3, statements flattened = 31 [2022-11-25 17:57:51,528 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-25 17:57:51,529 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-25 17:57:51,529 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-25 17:57:51,530 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-25 17:57:51,541 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (1/1) ... [2022-11-25 17:57:51,542 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (1/1) ... [2022-11-25 17:57:51,546 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (1/1) ... [2022-11-25 17:57:51,546 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (1/1) ... [2022-11-25 17:57:51,554 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (1/1) ... [2022-11-25 17:57:51,558 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (1/1) ... [2022-11-25 17:57:51,560 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (1/1) ... [2022-11-25 17:57:51,561 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (1/1) ... [2022-11-25 17:57:51,565 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-25 17:57:51,566 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-25 17:57:51,566 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-25 17:57:51,566 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-25 17:57:51,567 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (1/1) ... [2022-11-25 17:57:51,575 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-25 17:57:51,595 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/z3 [2022-11-25 17:57:51,611 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-25 17:57:51,614 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-25 17:57:51,661 INFO L130 BoogieDeclarations]: Found specification of procedure ldv_malloc [2022-11-25 17:57:51,661 INFO L138 BoogieDeclarations]: Found implementation of procedure ldv_malloc [2022-11-25 17:57:51,661 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2022-11-25 17:57:51,662 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-25 17:57:51,662 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2022-11-25 17:57:51,662 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2022-11-25 17:57:51,662 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-25 17:57:51,662 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-25 17:57:51,815 INFO L235 CfgBuilder]: Building ICFG [2022-11-25 17:57:51,818 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-25 17:57:52,008 INFO L276 CfgBuilder]: Performing block encoding [2022-11-25 17:57:52,016 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-25 17:57:52,017 INFO L300 CfgBuilder]: Removed 1 assume(true) statements. [2022-11-25 17:57:52,019 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 25.11 05:57:52 BoogieIcfgContainer [2022-11-25 17:57:52,020 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-25 17:57:52,022 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-25 17:57:52,022 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-25 17:57:52,026 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-25 17:57:52,027 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 25.11 05:57:50" (1/3) ... [2022-11-25 17:57:52,028 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@66688e63 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 25.11 05:57:52, skipping insertion in model container [2022-11-25 17:57:52,028 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 05:57:51" (2/3) ... [2022-11-25 17:57:52,029 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@66688e63 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 25.11 05:57:52, skipping insertion in model container [2022-11-25 17:57:52,029 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 25.11 05:57:52" (3/3) ... [2022-11-25 17:57:52,031 INFO L112 eAbstractionObserver]: Analyzing ICFG memleaks_test18_3.i [2022-11-25 17:57:52,057 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-25 17:57:52,057 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 3 error locations. [2022-11-25 17:57:52,133 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-25 17:57:52,143 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@628bffeb, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-25 17:57:52,145 INFO L358 AbstractCegarLoop]: Starting to check reachability of 3 error locations. [2022-11-25 17:57:52,150 INFO L276 IsEmpty]: Start isEmpty. Operand has 21 states, 14 states have (on average 1.5) internal successors, (21), 17 states have internal predecessors, (21), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 17:57:52,161 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-11-25 17:57:52,161 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:57:52,162 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:57:52,163 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:57:52,176 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:57:52,176 INFO L85 PathProgramCache]: Analyzing trace with hash -74700687, now seen corresponding path program 1 times [2022-11-25 17:57:52,196 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:57:52,196 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1306481735] [2022-11-25 17:57:52,197 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 17:57:52,198 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:57:52,198 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:57:52,209 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:57:52,246 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (2)] Waiting until timeout for monitored process [2022-11-25 17:57:52,388 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:57:52,392 INFO L263 TraceCheckSpWp]: Trace formula consists of 42 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-25 17:57:52,398 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:57:52,520 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-25 17:57:52,523 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-25 17:57:52,525 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:57:52,525 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1306481735] [2022-11-25 17:57:52,526 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1306481735] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 17:57:52,527 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 17:57:52,528 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-25 17:57:52,530 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [175504620] [2022-11-25 17:57:52,531 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 17:57:52,540 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-25 17:57:52,541 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:57:52,603 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-25 17:57:52,604 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-25 17:57:52,607 INFO L87 Difference]: Start difference. First operand has 21 states, 14 states have (on average 1.5) internal successors, (21), 17 states have internal predecessors, (21), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Second operand has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-25 17:57:52,770 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:57:52,771 INFO L93 Difference]: Finished difference Result 37 states and 43 transitions. [2022-11-25 17:57:52,773 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-25 17:57:52,774 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-11-25 17:57:52,775 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:57:52,783 INFO L225 Difference]: With dead ends: 37 [2022-11-25 17:57:52,784 INFO L226 Difference]: Without dead ends: 33 [2022-11-25 17:57:52,785 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-25 17:57:52,789 INFO L413 NwaCegarLoop]: 24 mSDtfsCounter, 12 mSDsluCounter, 59 mSDsCounter, 0 mSdLazyCounter, 27 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 83 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 27 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-25 17:57:52,790 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 83 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 27 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-25 17:57:52,809 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 33 states. [2022-11-25 17:57:52,831 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 33 to 23. [2022-11-25 17:57:52,833 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 23 states, 16 states have (on average 1.3125) internal successors, (21), 18 states have internal predecessors, (21), 2 states have call successors, (2), 1 states have call predecessors, (2), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-25 17:57:52,835 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 23 states to 23 states and 27 transitions. [2022-11-25 17:57:52,837 INFO L78 Accepts]: Start accepts. Automaton has 23 states and 27 transitions. Word has length 11 [2022-11-25 17:57:52,837 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:57:52,838 INFO L495 AbstractCegarLoop]: Abstraction has 23 states and 27 transitions. [2022-11-25 17:57:52,838 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 1.8) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-25 17:57:52,839 INFO L276 IsEmpty]: Start isEmpty. Operand 23 states and 27 transitions. [2022-11-25 17:57:52,840 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 12 [2022-11-25 17:57:52,840 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:57:52,841 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:57:52,859 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (2)] Forceful destruction successful, exit code 0 [2022-11-25 17:57:53,053 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:57:53,054 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:57:53,054 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:57:53,055 INFO L85 PathProgramCache]: Analyzing trace with hash 812802994, now seen corresponding path program 1 times [2022-11-25 17:57:53,055 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:57:53,055 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1097503404] [2022-11-25 17:57:53,056 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 17:57:53,056 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:57:53,056 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:57:53,058 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:57:53,075 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (3)] Waiting until timeout for monitored process [2022-11-25 17:57:53,161 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:57:53,163 INFO L263 TraceCheckSpWp]: Trace formula consists of 36 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-25 17:57:53,164 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:57:53,203 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-25 17:57:53,204 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-25 17:57:53,204 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:57:53,205 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1097503404] [2022-11-25 17:57:53,205 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1097503404] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 17:57:53,205 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 17:57:53,205 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-25 17:57:53,206 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1959685086] [2022-11-25 17:57:53,206 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 17:57:53,208 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-25 17:57:53,208 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:57:53,209 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-25 17:57:53,210 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-25 17:57:53,211 INFO L87 Difference]: Start difference. First operand 23 states and 27 transitions. Second operand has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-25 17:57:53,316 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:57:53,319 INFO L93 Difference]: Finished difference Result 32 states and 38 transitions. [2022-11-25 17:57:53,321 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-25 17:57:53,321 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 11 [2022-11-25 17:57:53,322 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:57:53,324 INFO L225 Difference]: With dead ends: 32 [2022-11-25 17:57:53,325 INFO L226 Difference]: Without dead ends: 30 [2022-11-25 17:57:53,327 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-25 17:57:53,329 INFO L413 NwaCegarLoop]: 32 mSDtfsCounter, 8 mSDsluCounter, 34 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 8 SdHoareTripleChecker+Valid, 66 SdHoareTripleChecker+Invalid, 28 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-25 17:57:53,330 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [8 Valid, 66 Invalid, 28 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-25 17:57:53,331 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 30 states. [2022-11-25 17:57:53,335 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 30 to 28. [2022-11-25 17:57:53,335 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 28 states, 20 states have (on average 1.3) internal successors, (26), 22 states have internal predecessors, (26), 3 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) [2022-11-25 17:57:53,337 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 28 states to 28 states and 35 transitions. [2022-11-25 17:57:53,337 INFO L78 Accepts]: Start accepts. Automaton has 28 states and 35 transitions. Word has length 11 [2022-11-25 17:57:53,337 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:57:53,337 INFO L495 AbstractCegarLoop]: Abstraction has 28 states and 35 transitions. [2022-11-25 17:57:53,338 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 3.0) internal successors, (9), 4 states have internal predecessors, (9), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-25 17:57:53,338 INFO L276 IsEmpty]: Start isEmpty. Operand 28 states and 35 transitions. [2022-11-25 17:57:53,338 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2022-11-25 17:57:53,342 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:57:53,342 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:57:53,357 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (3)] Forceful destruction successful, exit code 0 [2022-11-25 17:57:53,555 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:57:53,556 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:57:53,556 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:57:53,556 INFO L85 PathProgramCache]: Analyzing trace with hash 1979292102, now seen corresponding path program 1 times [2022-11-25 17:57:53,557 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:57:53,557 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1964487710] [2022-11-25 17:57:53,557 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 17:57:53,557 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:57:53,558 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:57:53,560 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:57:53,566 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (4)] Waiting until timeout for monitored process [2022-11-25 17:57:53,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:57:53,659 INFO L263 TraceCheckSpWp]: Trace formula consists of 42 conjuncts, 3 conjunts are in the unsatisfiable core [2022-11-25 17:57:53,661 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:57:53,737 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-25 17:57:53,737 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-25 17:57:53,738 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:57:53,738 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1964487710] [2022-11-25 17:57:53,738 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1964487710] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 17:57:53,739 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 17:57:53,739 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-25 17:57:53,739 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1565829698] [2022-11-25 17:57:53,740 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 17:57:53,740 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-25 17:57:53,740 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:57:53,741 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-25 17:57:53,741 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-11-25 17:57:53,742 INFO L87 Difference]: Start difference. First operand 28 states and 35 transitions. Second operand has 4 states, 4 states have (on average 2.5) internal successors, (10), 4 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-25 17:57:53,804 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:57:53,805 INFO L93 Difference]: Finished difference Result 40 states and 53 transitions. [2022-11-25 17:57:53,806 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-25 17:57:53,806 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 2.5) internal successors, (10), 4 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 12 [2022-11-25 17:57:53,806 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:57:53,807 INFO L225 Difference]: With dead ends: 40 [2022-11-25 17:57:53,807 INFO L226 Difference]: Without dead ends: 40 [2022-11-25 17:57:53,808 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2022-11-25 17:57:53,809 INFO L413 NwaCegarLoop]: 17 mSDtfsCounter, 15 mSDsluCounter, 16 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 17 SdHoareTripleChecker+Valid, 33 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-25 17:57:53,810 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [17 Valid, 33 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-25 17:57:53,811 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 40 states. [2022-11-25 17:57:53,823 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 40 to 29. [2022-11-25 17:57:53,824 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 29 states, 21 states have (on average 1.2857142857142858) internal successors, (27), 23 states have internal predecessors, (27), 3 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) [2022-11-25 17:57:53,825 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 29 states to 29 states and 36 transitions. [2022-11-25 17:57:53,825 INFO L78 Accepts]: Start accepts. Automaton has 29 states and 36 transitions. Word has length 12 [2022-11-25 17:57:53,825 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:57:53,826 INFO L495 AbstractCegarLoop]: Abstraction has 29 states and 36 transitions. [2022-11-25 17:57:53,826 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 2.5) internal successors, (10), 4 states have internal predecessors, (10), 1 states have call successors, (1), 1 states have call predecessors, (1), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-25 17:57:53,826 INFO L276 IsEmpty]: Start isEmpty. Operand 29 states and 36 transitions. [2022-11-25 17:57:53,827 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-25 17:57:53,827 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:57:53,827 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:57:53,844 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (4)] Forceful destruction successful, exit code 0 [2022-11-25 17:57:54,028 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:57:54,028 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:57:54,029 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:57:54,029 INFO L85 PathProgramCache]: Analyzing trace with hash -938120081, now seen corresponding path program 1 times [2022-11-25 17:57:54,030 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:57:54,030 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1665555545] [2022-11-25 17:57:54,030 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 17:57:54,031 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:57:54,031 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:57:54,032 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:57:54,039 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (5)] Waiting until timeout for monitored process [2022-11-25 17:57:54,162 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:57:54,165 INFO L263 TraceCheckSpWp]: Trace formula consists of 61 conjuncts, 9 conjunts are in the unsatisfiable core [2022-11-25 17:57:54,169 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:57:54,249 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:57:54,429 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_10 (_ BitVec 1))) (= |c_#valid| (store |c_old(#valid)| |ldv_malloc_#res.base| v_ArrVal_10))) (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)))) is different from true [2022-11-25 17:57:54,501 INFO L321 Elim1Store]: treesize reduction 22, result has 35.3 percent of original size [2022-11-25 17:57:54,502 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 27 [2022-11-25 17:57:54,545 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 2 not checked. [2022-11-25 17:57:54,546 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:57:54,906 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 2 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-25 17:57:54,906 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:57:54,907 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1665555545] [2022-11-25 17:57:54,907 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1665555545] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-25 17:57:54,907 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:57:54,907 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 5] total 7 [2022-11-25 17:57:54,907 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1482657584] [2022-11-25 17:57:54,908 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:57:54,908 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-25 17:57:54,908 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:57:54,909 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-25 17:57:54,909 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=31, Unknown=1, NotChecked=10, Total=56 [2022-11-25 17:57:54,910 INFO L87 Difference]: Start difference. First operand 29 states and 36 transitions. Second operand has 8 states, 7 states have (on average 2.2857142857142856) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 17:57:55,165 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:57:55,165 INFO L93 Difference]: Finished difference Result 36 states and 46 transitions. [2022-11-25 17:57:55,166 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-25 17:57:55,166 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.2857142857142856) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 17 [2022-11-25 17:57:55,167 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:57:55,168 INFO L225 Difference]: With dead ends: 36 [2022-11-25 17:57:55,168 INFO L226 Difference]: Without dead ends: 36 [2022-11-25 17:57:55,168 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 24 SyntacticMatches, 2 SemanticMatches, 7 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=18, Invalid=41, Unknown=1, NotChecked=12, Total=72 [2022-11-25 17:57:55,170 INFO L413 NwaCegarLoop]: 18 mSDtfsCounter, 8 mSDsluCounter, 36 mSDsCounter, 0 mSdLazyCounter, 80 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 8 SdHoareTripleChecker+Valid, 54 SdHoareTripleChecker+Invalid, 107 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 80 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 24 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-25 17:57:55,170 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [8 Valid, 54 Invalid, 107 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 80 Invalid, 0 Unknown, 24 Unchecked, 0.2s Time] [2022-11-25 17:57:55,171 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 36 states. [2022-11-25 17:57:55,176 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 36 to 35. [2022-11-25 17:57:55,192 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 35 states, 26 states have (on average 1.3076923076923077) internal successors, (34), 27 states have internal predecessors, (34), 4 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (8), 6 states have call predecessors, (8), 4 states have call successors, (8) [2022-11-25 17:57:55,193 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 35 states to 35 states and 46 transitions. [2022-11-25 17:57:55,194 INFO L78 Accepts]: Start accepts. Automaton has 35 states and 46 transitions. Word has length 17 [2022-11-25 17:57:55,194 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:57:55,194 INFO L495 AbstractCegarLoop]: Abstraction has 35 states and 46 transitions. [2022-11-25 17:57:55,195 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 2.2857142857142856) internal successors, (16), 7 states have internal predecessors, (16), 2 states have call successors, (3), 3 states have call predecessors, (3), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 17:57:55,195 INFO L276 IsEmpty]: Start isEmpty. Operand 35 states and 46 transitions. [2022-11-25 17:57:55,196 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-25 17:57:55,199 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:57:55,204 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:57:55,221 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (5)] Forceful destruction successful, exit code 0 [2022-11-25 17:57:55,421 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:57:55,421 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:57:55,422 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:57:55,422 INFO L85 PathProgramCache]: Analyzing trace with hash -938120080, now seen corresponding path program 1 times [2022-11-25 17:57:55,423 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:57:55,423 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [749003109] [2022-11-25 17:57:55,423 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 17:57:55,423 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:57:55,424 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:57:55,425 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:57:55,433 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (6)] Waiting until timeout for monitored process [2022-11-25 17:57:55,519 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:57:55,522 INFO L263 TraceCheckSpWp]: Trace formula consists of 61 conjuncts, 20 conjunts are in the unsatisfiable core [2022-11-25 17:57:55,528 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:57:55,563 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:57:55,571 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:57:55,846 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_21 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_21) |c_#length|)))) is different from true [2022-11-25 17:57:55,901 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:57:55,903 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:57:55,926 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:57:55,927 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:57:55,978 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 1 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 2 not checked. [2022-11-25 17:57:55,979 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:57:57,718 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:57:57,718 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [749003109] [2022-11-25 17:57:57,718 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [749003109] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:57:57,719 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1054738432] [2022-11-25 17:57:57,719 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 17:57:57,719 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-11-25 17:57:57,719 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 [2022-11-25 17:57:57,727 INFO L229 MonitoredProcess]: Starting monitored process 7 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-11-25 17:57:57,767 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (7)] Waiting until timeout for monitored process [2022-11-25 17:57:57,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:57:57,940 INFO L263 TraceCheckSpWp]: Trace formula consists of 61 conjuncts, 20 conjunts are in the unsatisfiable core [2022-11-25 17:57:57,946 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:57:57,976 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:57:57,991 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:57:58,122 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_31 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_31) |c_#length|)))) is different from true [2022-11-25 17:57:58,169 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:57:58,172 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:57:58,186 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:57:58,186 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:57:58,209 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 1 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 2 not checked. [2022-11-25 17:57:58,210 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:57:59,840 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1054738432] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:57:59,841 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:57:59,841 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9] total 10 [2022-11-25 17:57:59,841 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1437849022] [2022-11-25 17:57:59,841 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:57:59,842 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2022-11-25 17:57:59,842 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:57:59,842 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2022-11-25 17:57:59,843 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=27, Invalid=89, Unknown=2, NotChecked=38, Total=156 [2022-11-25 17:57:59,843 INFO L87 Difference]: Start difference. First operand 35 states and 46 transitions. Second operand has 11 states, 9 states have (on average 1.6666666666666667) internal successors, (15), 10 states have internal predecessors, (15), 2 states have call successors, (2), 2 states have call predecessors, (2), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 17:58:00,410 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:58:00,410 INFO L93 Difference]: Finished difference Result 41 states and 54 transitions. [2022-11-25 17:58:00,412 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-11-25 17:58:00,412 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 9 states have (on average 1.6666666666666667) internal successors, (15), 10 states have internal predecessors, (15), 2 states have call successors, (2), 2 states have call predecessors, (2), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 17 [2022-11-25 17:58:00,412 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:58:00,413 INFO L225 Difference]: With dead ends: 41 [2022-11-25 17:58:00,414 INFO L226 Difference]: Without dead ends: 41 [2022-11-25 17:58:00,414 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 43 GetRequests, 26 SyntacticMatches, 1 SemanticMatches, 16 ConstructedPredicates, 2 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 3.4s TimeCoverageRelationStatistics Valid=52, Invalid=194, Unknown=2, NotChecked=58, Total=306 [2022-11-25 17:58:00,415 INFO L413 NwaCegarLoop]: 14 mSDtfsCounter, 24 mSDsluCounter, 42 mSDsCounter, 0 mSdLazyCounter, 128 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 28 SdHoareTripleChecker+Valid, 56 SdHoareTripleChecker+Invalid, 190 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 128 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 56 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-25 17:58:00,416 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [28 Valid, 56 Invalid, 190 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 128 Invalid, 0 Unknown, 56 Unchecked, 0.3s Time] [2022-11-25 17:58:00,416 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 41 states. [2022-11-25 17:58:00,422 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 41 to 38. [2022-11-25 17:58:00,423 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 38 states, 28 states have (on average 1.2857142857142858) internal successors, (36), 29 states have internal predecessors, (36), 5 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (10), 7 states have call predecessors, (10), 5 states have call successors, (10) [2022-11-25 17:58:00,424 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 38 states to 38 states and 51 transitions. [2022-11-25 17:58:00,424 INFO L78 Accepts]: Start accepts. Automaton has 38 states and 51 transitions. Word has length 17 [2022-11-25 17:58:00,425 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:58:00,425 INFO L495 AbstractCegarLoop]: Abstraction has 38 states and 51 transitions. [2022-11-25 17:58:00,425 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 9 states have (on average 1.6666666666666667) internal successors, (15), 10 states have internal predecessors, (15), 2 states have call successors, (2), 2 states have call predecessors, (2), 3 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 17:58:00,425 INFO L276 IsEmpty]: Start isEmpty. Operand 38 states and 51 transitions. [2022-11-25 17:58:00,426 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-25 17:58:00,427 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:58:00,427 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:58:00,448 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (6)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:00,643 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (7)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:00,841 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3,7 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt [2022-11-25 17:58:00,841 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:58:00,842 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:58:00,842 INFO L85 PathProgramCache]: Analyzing trace with hash -1231523088, now seen corresponding path program 1 times [2022-11-25 17:58:00,842 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:58:00,842 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1914289966] [2022-11-25 17:58:00,843 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 17:58:00,843 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:00,843 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:58:00,844 INFO L229 MonitoredProcess]: Starting monitored process 8 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:58:00,870 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (8)] Waiting until timeout for monitored process [2022-11-25 17:58:00,912 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:58:00,913 INFO L263 TraceCheckSpWp]: Trace formula consists of 55 conjuncts, 7 conjunts are in the unsatisfiable core [2022-11-25 17:58:00,915 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:00,973 INFO L134 CoverageAnalysis]: Checked inductivity of 4 backedges. 4 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-25 17:58:00,973 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-25 17:58:00,973 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:58:00,973 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1914289966] [2022-11-25 17:58:00,973 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1914289966] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 17:58:00,974 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 17:58:00,974 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-25 17:58:00,974 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [821636234] [2022-11-25 17:58:00,974 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 17:58:00,974 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-25 17:58:00,975 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:58:00,975 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-25 17:58:00,976 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-25 17:58:00,976 INFO L87 Difference]: Start difference. First operand 38 states and 51 transitions. Second operand has 5 states, 5 states have (on average 2.6) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 17:58:01,011 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:58:01,012 INFO L93 Difference]: Finished difference Result 26 states and 30 transitions. [2022-11-25 17:58:01,012 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-25 17:58:01,013 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.6) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 17 [2022-11-25 17:58:01,015 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:58:01,017 INFO L225 Difference]: With dead ends: 26 [2022-11-25 17:58:01,017 INFO L226 Difference]: Without dead ends: 24 [2022-11-25 17:58:01,017 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-25 17:58:01,020 INFO L413 NwaCegarLoop]: 23 mSDtfsCounter, 0 mSDsluCounter, 56 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 79 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-25 17:58:01,020 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 79 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-25 17:58:01,022 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 24 states. [2022-11-25 17:58:01,029 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 24 to 24. [2022-11-25 17:58:01,029 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 24 states, 17 states have (on average 1.1764705882352942) internal successors, (20), 19 states have internal predecessors, (20), 3 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-25 17:58:01,035 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 24 states to 24 states and 28 transitions. [2022-11-25 17:58:01,035 INFO L78 Accepts]: Start accepts. Automaton has 24 states and 28 transitions. Word has length 17 [2022-11-25 17:58:01,035 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:58:01,035 INFO L495 AbstractCegarLoop]: Abstraction has 24 states and 28 transitions. [2022-11-25 17:58:01,035 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 2.6) internal successors, (13), 4 states have internal predecessors, (13), 2 states have call successors, (2), 2 states have call predecessors, (2), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 17:58:01,036 INFO L276 IsEmpty]: Start isEmpty. Operand 24 states and 28 transitions. [2022-11-25 17:58:01,036 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-25 17:58:01,036 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:58:01,036 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:58:01,054 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (8)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:01,237 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:01,237 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:58:01,237 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:58:01,238 INFO L85 PathProgramCache]: Analyzing trace with hash -1382319161, now seen corresponding path program 1 times [2022-11-25 17:58:01,238 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:58:01,238 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [12386627] [2022-11-25 17:58:01,238 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 17:58:01,238 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:01,238 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:58:01,242 INFO L229 MonitoredProcess]: Starting monitored process 9 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:58:01,250 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (9)] Waiting until timeout for monitored process [2022-11-25 17:58:01,310 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:58:01,312 INFO L263 TraceCheckSpWp]: Trace formula consists of 77 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-25 17:58:01,314 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:01,389 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-25 17:58:01,389 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:01,513 INFO L134 CoverageAnalysis]: Checked inductivity of 5 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-25 17:58:01,514 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:58:01,514 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [12386627] [2022-11-25 17:58:01,514 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [12386627] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-25 17:58:01,514 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:58:01,514 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 5] total 8 [2022-11-25 17:58:01,515 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1715606481] [2022-11-25 17:58:01,515 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:58:01,515 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-25 17:58:01,516 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:58:01,516 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-25 17:58:01,516 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-11-25 17:58:01,517 INFO L87 Difference]: Start difference. First operand 24 states and 28 transitions. Second operand has 8 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 4 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-25 17:58:01,702 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:58:01,703 INFO L93 Difference]: Finished difference Result 38 states and 46 transitions. [2022-11-25 17:58:01,703 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-25 17:58:01,704 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 4 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) Word has length 21 [2022-11-25 17:58:01,704 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:58:01,705 INFO L225 Difference]: With dead ends: 38 [2022-11-25 17:58:01,705 INFO L226 Difference]: Without dead ends: 38 [2022-11-25 17:58:01,705 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 34 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=38, Invalid=52, Unknown=0, NotChecked=0, Total=90 [2022-11-25 17:58:01,706 INFO L413 NwaCegarLoop]: 20 mSDtfsCounter, 36 mSDsluCounter, 36 mSDsCounter, 0 mSdLazyCounter, 40 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 56 SdHoareTripleChecker+Invalid, 48 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 40 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-25 17:58:01,707 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [37 Valid, 56 Invalid, 48 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 40 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-25 17:58:01,707 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 38 states. [2022-11-25 17:58:01,712 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 38 to 36. [2022-11-25 17:58:01,712 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 36 states, 27 states have (on average 1.1851851851851851) internal successors, (32), 29 states have internal predecessors, (32), 5 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (9), 5 states have call predecessors, (9), 5 states have call successors, (9) [2022-11-25 17:58:01,713 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 36 states to 36 states and 46 transitions. [2022-11-25 17:58:01,714 INFO L78 Accepts]: Start accepts. Automaton has 36 states and 46 transitions. Word has length 21 [2022-11-25 17:58:01,714 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:58:01,714 INFO L495 AbstractCegarLoop]: Abstraction has 36 states and 46 transitions. [2022-11-25 17:58:01,714 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 4 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (4), 4 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-25 17:58:01,714 INFO L276 IsEmpty]: Start isEmpty. Operand 36 states and 46 transitions. [2022-11-25 17:58:01,715 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-11-25 17:58:01,715 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:58:01,715 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:58:01,737 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (9)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:01,929 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:01,930 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:58:01,930 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:58:01,931 INFO L85 PathProgramCache]: Analyzing trace with hash -704273649, now seen corresponding path program 1 times [2022-11-25 17:58:01,931 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:58:01,931 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2124462911] [2022-11-25 17:58:01,931 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 17:58:01,932 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:01,932 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:58:01,933 INFO L229 MonitoredProcess]: Starting monitored process 10 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:58:01,935 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (10)] Waiting until timeout for monitored process [2022-11-25 17:58:02,042 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:58:02,047 INFO L263 TraceCheckSpWp]: Trace formula consists of 96 conjuncts, 28 conjunts are in the unsatisfiable core [2022-11-25 17:58:02,052 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:02,078 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:58:02,085 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:02,265 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_61 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_61))))) is different from true [2022-11-25 17:58:02,293 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:02,294 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:02,310 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:02,311 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:02,463 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_62 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_62) |c_#length|)))) is different from true [2022-11-25 17:58:02,504 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:02,505 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:02,519 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:02,519 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:02,571 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 2 proven. 6 refuted. 0 times theorem prover too weak. 2 trivial. 6 not checked. [2022-11-25 17:58:02,571 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:05,065 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:58:05,066 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2124462911] [2022-11-25 17:58:05,066 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2124462911] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:05,066 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [386381338] [2022-11-25 17:58:05,066 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 17:58:05,067 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-11-25 17:58:05,067 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 [2022-11-25 17:58:05,080 INFO L229 MonitoredProcess]: Starting monitored process 11 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-11-25 17:58:05,081 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (11)] Waiting until timeout for monitored process [2022-11-25 17:58:05,291 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:58:05,296 INFO L263 TraceCheckSpWp]: Trace formula consists of 96 conjuncts, 28 conjunts are in the unsatisfiable core [2022-11-25 17:58:05,303 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:05,322 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:05,333 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:58:05,481 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_80 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_80) |c_#length|)))) is different from true [2022-11-25 17:58:05,525 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:05,527 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:05,548 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:05,549 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:05,678 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_81 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_81))))) is different from true [2022-11-25 17:58:05,712 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:05,714 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:05,730 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:05,730 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:05,753 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 2 proven. 6 refuted. 0 times theorem prover too weak. 2 trivial. 6 not checked. [2022-11-25 17:58:05,753 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:06,645 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [386381338] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:06,645 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:58:06,645 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 12] total 14 [2022-11-25 17:58:06,645 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [864075776] [2022-11-25 17:58:06,646 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:58:06,646 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-11-25 17:58:06,646 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:58:06,647 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-11-25 17:58:06,648 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=39, Invalid=128, Unknown=5, NotChecked=100, Total=272 [2022-11-25 17:58:06,648 INFO L87 Difference]: Start difference. First operand 36 states and 46 transitions. Second operand has 15 states, 13 states have (on average 1.7692307692307692) internal successors, (23), 14 states have internal predecessors, (23), 3 states have call successors, (3), 2 states have call predecessors, (3), 5 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-25 17:58:07,438 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:58:07,438 INFO L93 Difference]: Finished difference Result 40 states and 49 transitions. [2022-11-25 17:58:07,438 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-25 17:58:07,439 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 13 states have (on average 1.7692307692307692) internal successors, (23), 14 states have internal predecessors, (23), 3 states have call successors, (3), 2 states have call predecessors, (3), 5 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) Word has length 26 [2022-11-25 17:58:07,439 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:58:07,440 INFO L225 Difference]: With dead ends: 40 [2022-11-25 17:58:07,440 INFO L226 Difference]: Without dead ends: 40 [2022-11-25 17:58:07,440 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 63 GetRequests, 40 SyntacticMatches, 1 SemanticMatches, 22 ConstructedPredicates, 4 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 3.6s TimeCoverageRelationStatistics Valid=77, Invalid=314, Unknown=5, NotChecked=156, Total=552 [2022-11-25 17:58:07,441 INFO L413 NwaCegarLoop]: 16 mSDtfsCounter, 27 mSDsluCounter, 55 mSDsCounter, 0 mSdLazyCounter, 156 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 30 SdHoareTripleChecker+Valid, 71 SdHoareTripleChecker+Invalid, 295 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 156 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 128 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-25 17:58:07,441 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [30 Valid, 71 Invalid, 295 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 156 Invalid, 0 Unknown, 128 Unchecked, 0.4s Time] [2022-11-25 17:58:07,442 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 40 states. [2022-11-25 17:58:07,446 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 40 to 36. [2022-11-25 17:58:07,446 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 36 states, 27 states have (on average 1.1481481481481481) internal successors, (31), 29 states have internal predecessors, (31), 5 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (9), 5 states have call predecessors, (9), 5 states have call successors, (9) [2022-11-25 17:58:07,447 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 36 states to 36 states and 45 transitions. [2022-11-25 17:58:07,448 INFO L78 Accepts]: Start accepts. Automaton has 36 states and 45 transitions. Word has length 26 [2022-11-25 17:58:07,448 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:58:07,448 INFO L495 AbstractCegarLoop]: Abstraction has 36 states and 45 transitions. [2022-11-25 17:58:07,449 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 13 states have (on average 1.7692307692307692) internal successors, (23), 14 states have internal predecessors, (23), 3 states have call successors, (3), 2 states have call predecessors, (3), 5 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-25 17:58:07,449 INFO L276 IsEmpty]: Start isEmpty. Operand 36 states and 45 transitions. [2022-11-25 17:58:07,450 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-11-25 17:58:07,450 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:58:07,450 INFO L195 NwaCegarLoop]: trace histogram [4, 4, 4, 3, 3, 3, 3, 2, 2, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:58:07,462 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (11)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:07,669 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (10)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:07,859 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 11 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt,10 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:07,860 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:58:07,860 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:58:07,860 INFO L85 PathProgramCache]: Analyzing trace with hash -1383108784, now seen corresponding path program 2 times [2022-11-25 17:58:07,860 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:58:07,861 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [2015308200] [2022-11-25 17:58:07,861 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2022-11-25 17:58:07,861 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:07,861 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:58:07,862 INFO L229 MonitoredProcess]: Starting monitored process 12 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:58:07,864 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (12)] Waiting until timeout for monitored process [2022-11-25 17:58:08,017 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2022-11-25 17:58:08,018 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:58:08,022 INFO L263 TraceCheckSpWp]: Trace formula consists of 131 conjuncts, 36 conjunts are in the unsatisfiable core [2022-11-25 17:58:08,027 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:08,052 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:58:08,059 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:08,279 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_107 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_107) |c_#length|)))) is different from true [2022-11-25 17:58:08,312 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:08,314 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:08,329 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:08,330 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:08,516 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_108 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_108) |c_#length|)))) is different from true [2022-11-25 17:58:08,545 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:08,546 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:08,561 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:08,562 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:08,766 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_109 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_109))))) is different from true [2022-11-25 17:58:08,805 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:08,806 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:08,825 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:08,831 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:08,889 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 3 proven. 16 refuted. 0 times theorem prover too weak. 6 trivial. 12 not checked. [2022-11-25 17:58:08,889 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:11,400 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:58:11,400 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [2015308200] [2022-11-25 17:58:11,400 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [2015308200] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:11,401 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1347300463] [2022-11-25 17:58:11,401 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2022-11-25 17:58:11,401 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-11-25 17:58:11,401 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 [2022-11-25 17:58:11,407 INFO L229 MonitoredProcess]: Starting monitored process 13 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-11-25 17:58:11,415 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (13)] Waiting until timeout for monitored process [2022-11-25 17:58:11,667 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2022-11-25 17:58:11,668 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:58:11,671 INFO L263 TraceCheckSpWp]: Trace formula consists of 131 conjuncts, 36 conjunts are in the unsatisfiable core [2022-11-25 17:58:11,676 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:11,693 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:11,707 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:58:11,837 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_135 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_135) |c_#length|)))) is different from true [2022-11-25 17:58:11,870 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:11,872 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:11,889 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:11,890 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:11,994 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_136 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_136))))) is different from true [2022-11-25 17:58:12,023 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:12,024 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:12,046 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:12,046 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:12,156 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_137 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_137) |c_#length|)))) is different from true [2022-11-25 17:58:12,189 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:12,190 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:12,206 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:12,206 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:12,224 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 3 proven. 16 refuted. 0 times theorem prover too weak. 6 trivial. 12 not checked. [2022-11-25 17:58:12,224 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:12,584 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1347300463] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:12,584 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:58:12,584 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 15] total 18 [2022-11-25 17:58:12,585 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1127748326] [2022-11-25 17:58:12,585 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:58:12,585 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2022-11-25 17:58:12,586 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:58:12,586 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2022-11-25 17:58:12,587 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=51, Invalid=177, Unknown=6, NotChecked=186, Total=420 [2022-11-25 17:58:12,587 INFO L87 Difference]: Start difference. First operand 36 states and 45 transitions. Second operand has 19 states, 17 states have (on average 1.8235294117647058) internal successors, (31), 18 states have internal predecessors, (31), 4 states have call successors, (4), 2 states have call predecessors, (4), 7 states have return successors, (7), 4 states have call predecessors, (7), 4 states have call successors, (7) [2022-11-25 17:58:13,789 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:58:13,790 INFO L93 Difference]: Finished difference Result 42 states and 50 transitions. [2022-11-25 17:58:13,791 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-25 17:58:13,791 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 17 states have (on average 1.8235294117647058) internal successors, (31), 18 states have internal predecessors, (31), 4 states have call successors, (4), 2 states have call predecessors, (4), 7 states have return successors, (7), 4 states have call predecessors, (7), 4 states have call successors, (7) Word has length 35 [2022-11-25 17:58:13,791 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:58:13,792 INFO L225 Difference]: With dead ends: 42 [2022-11-25 17:58:13,792 INFO L226 Difference]: Without dead ends: 42 [2022-11-25 17:58:13,793 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 83 GetRequests, 54 SyntacticMatches, 1 SemanticMatches, 28 ConstructedPredicates, 6 IntricatePredicates, 0 DeprecatedPredicates, 44 ImplicationChecksByTransitivity, 3.3s TimeCoverageRelationStatistics Valid=102, Invalid=468, Unknown=6, NotChecked=294, Total=870 [2022-11-25 17:58:13,793 INFO L413 NwaCegarLoop]: 19 mSDtfsCounter, 32 mSDsluCounter, 97 mSDsCounter, 0 mSdLazyCounter, 283 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 558 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 283 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 262 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-25 17:58:13,794 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 116 Invalid, 558 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 283 Invalid, 0 Unknown, 262 Unchecked, 0.7s Time] [2022-11-25 17:58:13,794 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 42 states. [2022-11-25 17:58:13,798 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 42 to 36. [2022-11-25 17:58:13,798 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 36 states, 27 states have (on average 1.1111111111111112) internal successors, (30), 29 states have internal predecessors, (30), 5 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (9), 5 states have call predecessors, (9), 5 states have call successors, (9) [2022-11-25 17:58:13,804 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 36 states to 36 states and 44 transitions. [2022-11-25 17:58:13,804 INFO L78 Accepts]: Start accepts. Automaton has 36 states and 44 transitions. Word has length 35 [2022-11-25 17:58:13,804 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:58:13,805 INFO L495 AbstractCegarLoop]: Abstraction has 36 states and 44 transitions. [2022-11-25 17:58:13,805 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 17 states have (on average 1.8235294117647058) internal successors, (31), 18 states have internal predecessors, (31), 4 states have call successors, (4), 2 states have call predecessors, (4), 7 states have return successors, (7), 4 states have call predecessors, (7), 4 states have call successors, (7) [2022-11-25 17:58:13,805 INFO L276 IsEmpty]: Start isEmpty. Operand 36 states and 44 transitions. [2022-11-25 17:58:13,811 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-11-25 17:58:13,811 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:58:13,812 INFO L195 NwaCegarLoop]: trace histogram [5, 5, 5, 4, 4, 4, 4, 3, 3, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:58:13,822 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (13)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:14,034 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (12)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:14,212 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 13 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt,12 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:14,213 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:58:14,213 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:58:14,213 INFO L85 PathProgramCache]: Analyzing trace with hash -856630225, now seen corresponding path program 3 times [2022-11-25 17:58:14,214 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:58:14,214 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [716028919] [2022-11-25 17:58:14,214 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-25 17:58:14,214 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:14,214 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:58:14,215 INFO L229 MonitoredProcess]: Starting monitored process 14 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:58:14,216 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (14)] Waiting until timeout for monitored process [2022-11-25 17:58:14,464 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 5 check-sat command(s) [2022-11-25 17:58:14,464 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:58:14,472 INFO L263 TraceCheckSpWp]: Trace formula consists of 166 conjuncts, 44 conjunts are in the unsatisfiable core [2022-11-25 17:58:14,476 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:14,503 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:58:14,514 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:14,753 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_171 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_171) |c_#length|)) (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)))) is different from true [2022-11-25 17:58:14,786 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:14,790 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:14,806 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:14,807 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:15,021 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_172 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_172))))) is different from true [2022-11-25 17:58:15,054 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:15,056 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:15,079 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:15,080 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:15,277 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_173 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_173))) (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)))) is different from true [2022-11-25 17:58:15,310 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:15,311 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:15,330 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:15,331 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:15,492 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_174 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_174) |c_#length|)))) is different from true [2022-11-25 17:58:15,512 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:15,514 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:15,530 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:15,530 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:15,583 INFO L134 CoverageAnalysis]: Checked inductivity of 67 backedges. 4 proven. 31 refuted. 0 times theorem prover too weak. 12 trivial. 20 not checked. [2022-11-25 17:58:15,583 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:20,171 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:58:20,172 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [716028919] [2022-11-25 17:58:20,172 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [716028919] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:20,172 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1109773816] [2022-11-25 17:58:20,172 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-25 17:58:20,172 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-11-25 17:58:20,172 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 [2022-11-25 17:58:20,176 INFO L229 MonitoredProcess]: Starting monitored process 15 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-11-25 17:58:20,195 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (15)] Waiting until timeout for monitored process [2022-11-25 17:58:20,524 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 5 check-sat command(s) [2022-11-25 17:58:20,524 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:58:20,528 INFO L263 TraceCheckSpWp]: Trace formula consists of 166 conjuncts, 53 conjunts are in the unsatisfiable core [2022-11-25 17:58:20,541 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:20,553 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:20,561 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:58:20,737 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:20,737 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:20,747 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:21,108 INFO L321 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-11-25 17:58:21,108 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 18 [2022-11-25 17:58:21,134 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:21,134 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:21,479 INFO L321 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-11-25 17:58:21,480 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 18 [2022-11-25 17:58:21,516 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:21,517 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:21,759 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_214 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_214))))) is different from true [2022-11-25 17:58:21,786 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:21,789 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:21,808 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:21,809 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:21,828 INFO L134 CoverageAnalysis]: Checked inductivity of 67 backedges. 4 proven. 37 refuted. 0 times theorem prover too weak. 18 trivial. 8 not checked. [2022-11-25 17:58:21,828 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:22,223 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1109773816] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:22,223 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:58:22,224 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 19] total 26 [2022-11-25 17:58:22,224 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [47674516] [2022-11-25 17:58:22,224 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:58:22,225 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 27 states [2022-11-25 17:58:22,225 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:58:22,226 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2022-11-25 17:58:22,227 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=83, Invalid=483, Unknown=6, NotChecked=240, Total=812 [2022-11-25 17:58:22,227 INFO L87 Difference]: Start difference. First operand 36 states and 44 transitions. Second operand has 27 states, 25 states have (on average 1.64) internal successors, (41), 23 states have internal predecessors, (41), 5 states have call successors, (5), 2 states have call predecessors, (5), 7 states have return successors, (9), 8 states have call predecessors, (9), 5 states have call successors, (9) [2022-11-25 17:58:24,679 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:58:24,680 INFO L93 Difference]: Finished difference Result 59 states and 73 transitions. [2022-11-25 17:58:24,680 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2022-11-25 17:58:24,681 INFO L78 Accepts]: Start accepts. Automaton has has 27 states, 25 states have (on average 1.64) internal successors, (41), 23 states have internal predecessors, (41), 5 states have call successors, (5), 2 states have call predecessors, (5), 7 states have return successors, (9), 8 states have call predecessors, (9), 5 states have call successors, (9) Word has length 44 [2022-11-25 17:58:24,681 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:58:24,682 INFO L225 Difference]: With dead ends: 59 [2022-11-25 17:58:24,682 INFO L226 Difference]: Without dead ends: 59 [2022-11-25 17:58:24,684 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 111 GetRequests, 62 SyntacticMatches, 3 SemanticMatches, 46 ConstructedPredicates, 5 IntricatePredicates, 0 DeprecatedPredicates, 352 ImplicationChecksByTransitivity, 6.7s TimeCoverageRelationStatistics Valid=214, Invalid=1606, Unknown=6, NotChecked=430, Total=2256 [2022-11-25 17:58:24,685 INFO L413 NwaCegarLoop]: 20 mSDtfsCounter, 55 mSDsluCounter, 132 mSDsCounter, 0 mSdLazyCounter, 641 mSolverCounterSat, 30 mSolverCounterUnsat, 4 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 58 SdHoareTripleChecker+Valid, 152 SdHoareTripleChecker+Invalid, 960 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 641 IncrementalHoareTripleChecker+Invalid, 4 IncrementalHoareTripleChecker+Unknown, 285 IncrementalHoareTripleChecker+Unchecked, 1.3s IncrementalHoareTripleChecker+Time [2022-11-25 17:58:24,685 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [58 Valid, 152 Invalid, 960 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 641 Invalid, 4 Unknown, 285 Unchecked, 1.3s Time] [2022-11-25 17:58:24,686 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-11-25 17:58:24,691 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 39. [2022-11-25 17:58:24,691 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 39 states, 29 states have (on average 1.103448275862069) internal successors, (32), 31 states have internal predecessors, (32), 6 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (11), 6 states have call predecessors, (11), 6 states have call successors, (11) [2022-11-25 17:58:24,692 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 39 states to 39 states and 49 transitions. [2022-11-25 17:58:24,693 INFO L78 Accepts]: Start accepts. Automaton has 39 states and 49 transitions. Word has length 44 [2022-11-25 17:58:24,693 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:58:24,693 INFO L495 AbstractCegarLoop]: Abstraction has 39 states and 49 transitions. [2022-11-25 17:58:24,699 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 27 states, 25 states have (on average 1.64) internal successors, (41), 23 states have internal predecessors, (41), 5 states have call successors, (5), 2 states have call predecessors, (5), 7 states have return successors, (9), 8 states have call predecessors, (9), 5 states have call successors, (9) [2022-11-25 17:58:24,699 INFO L276 IsEmpty]: Start isEmpty. Operand 39 states and 49 transitions. [2022-11-25 17:58:24,701 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-11-25 17:58:24,701 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:58:24,701 INFO L195 NwaCegarLoop]: trace histogram [5, 5, 5, 4, 4, 4, 4, 4, 4, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:58:24,711 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (15)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:24,912 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (14)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:25,102 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt,14 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:25,102 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:58:25,103 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:58:25,103 INFO L85 PathProgramCache]: Analyzing trace with hash -206900218, now seen corresponding path program 2 times [2022-11-25 17:58:25,103 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:58:25,103 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [306196391] [2022-11-25 17:58:25,104 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2022-11-25 17:58:25,104 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:25,104 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:58:25,105 INFO L229 MonitoredProcess]: Starting monitored process 16 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:58:25,107 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (16)] Waiting until timeout for monitored process [2022-11-25 17:58:25,257 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2022-11-25 17:58:25,257 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:58:25,265 INFO L263 TraceCheckSpWp]: Trace formula consists of 182 conjuncts, 7 conjunts are in the unsatisfiable core [2022-11-25 17:58:25,267 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:25,507 INFO L134 CoverageAnalysis]: Checked inductivity of 74 backedges. 0 proven. 34 refuted. 0 times theorem prover too weak. 40 trivial. 0 not checked. [2022-11-25 17:58:25,507 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:25,837 INFO L134 CoverageAnalysis]: Checked inductivity of 74 backedges. 0 proven. 34 refuted. 0 times theorem prover too weak. 40 trivial. 0 not checked. [2022-11-25 17:58:25,837 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:58:25,837 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [306196391] [2022-11-25 17:58:25,838 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [306196391] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-25 17:58:25,838 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:58:25,838 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8] total 14 [2022-11-25 17:58:25,838 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [54712325] [2022-11-25 17:58:25,838 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:58:25,839 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-25 17:58:25,839 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:58:25,840 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-25 17:58:25,840 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=61, Invalid=121, Unknown=0, NotChecked=0, Total=182 [2022-11-25 17:58:25,841 INFO L87 Difference]: Start difference. First operand 39 states and 49 transitions. Second operand has 14 states, 14 states have (on average 3.2857142857142856) internal successors, (46), 14 states have internal predecessors, (46), 10 states have call successors, (10), 1 states have call predecessors, (10), 1 states have return successors, (10), 10 states have call predecessors, (10), 10 states have call successors, (10) [2022-11-25 17:58:26,561 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:58:26,561 INFO L93 Difference]: Finished difference Result 71 states and 91 transitions. [2022-11-25 17:58:26,563 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-25 17:58:26,563 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 3.2857142857142856) internal successors, (46), 14 states have internal predecessors, (46), 10 states have call successors, (10), 1 states have call predecessors, (10), 1 states have return successors, (10), 10 states have call predecessors, (10), 10 states have call successors, (10) Word has length 48 [2022-11-25 17:58:26,564 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:58:26,565 INFO L225 Difference]: With dead ends: 71 [2022-11-25 17:58:26,565 INFO L226 Difference]: Without dead ends: 71 [2022-11-25 17:58:26,566 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 99 GetRequests, 82 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=131, Invalid=211, Unknown=0, NotChecked=0, Total=342 [2022-11-25 17:58:26,567 INFO L413 NwaCegarLoop]: 32 mSDtfsCounter, 74 mSDsluCounter, 120 mSDsCounter, 0 mSdLazyCounter, 171 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 152 SdHoareTripleChecker+Invalid, 185 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 171 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-25 17:58:26,567 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 152 Invalid, 185 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 171 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-25 17:58:26,568 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2022-11-25 17:58:26,575 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 66. [2022-11-25 17:58:26,575 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 51 states have (on average 1.1568627450980393) internal successors, (59), 53 states have internal predecessors, (59), 11 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (21), 11 states have call predecessors, (21), 11 states have call successors, (21) [2022-11-25 17:58:26,577 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 91 transitions. [2022-11-25 17:58:26,577 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 91 transitions. Word has length 48 [2022-11-25 17:58:26,577 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:58:26,578 INFO L495 AbstractCegarLoop]: Abstraction has 66 states and 91 transitions. [2022-11-25 17:58:26,578 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 3.2857142857142856) internal successors, (46), 14 states have internal predecessors, (46), 10 states have call successors, (10), 1 states have call predecessors, (10), 1 states have return successors, (10), 10 states have call predecessors, (10), 10 states have call successors, (10) [2022-11-25 17:58:26,578 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 91 transitions. [2022-11-25 17:58:26,579 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2022-11-25 17:58:26,580 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:58:26,580 INFO L195 NwaCegarLoop]: trace histogram [6, 6, 6, 5, 5, 5, 5, 4, 4, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:58:26,601 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (16)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:26,795 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 16 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:26,796 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:58:26,796 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:58:26,796 INFO L85 PathProgramCache]: Analyzing trace with hash 845314608, now seen corresponding path program 4 times [2022-11-25 17:58:26,796 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:58:26,797 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [815894876] [2022-11-25 17:58:26,797 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2022-11-25 17:58:26,797 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:26,797 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:58:26,798 INFO L229 MonitoredProcess]: Starting monitored process 17 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:58:26,803 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (17)] Waiting until timeout for monitored process [2022-11-25 17:58:26,982 INFO L228 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2022-11-25 17:58:26,982 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:58:26,990 INFO L263 TraceCheckSpWp]: Trace formula consists of 201 conjuncts, 52 conjunts are in the unsatisfiable core [2022-11-25 17:58:26,994 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:27,021 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:58:27,030 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:27,210 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_290 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_290) |c_#length|)))) is different from true [2022-11-25 17:58:27,238 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:27,240 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:27,258 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:27,259 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:27,448 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_291 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_291) |c_#length|)))) is different from true [2022-11-25 17:58:27,470 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:27,471 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:27,484 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:27,485 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:27,661 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_292 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_292) |c_#length|)))) is different from true [2022-11-25 17:58:27,704 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:27,705 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:27,725 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:27,725 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:27,914 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_293 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_293) |c_#length|)))) is different from true [2022-11-25 17:58:27,940 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:27,941 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:27,963 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:27,964 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:28,170 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_294 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_294) |c_#length|)))) is different from true [2022-11-25 17:58:28,197 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:28,198 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:28,218 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:28,218 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:28,279 INFO L134 CoverageAnalysis]: Checked inductivity of 106 backedges. 5 proven. 51 refuted. 0 times theorem prover too weak. 20 trivial. 30 not checked. [2022-11-25 17:58:28,279 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:28,912 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:58:28,912 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [815894876] [2022-11-25 17:58:28,912 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [815894876] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:28,912 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [756476951] [2022-11-25 17:58:28,912 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2022-11-25 17:58:28,912 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-11-25 17:58:28,913 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 [2022-11-25 17:58:28,914 INFO L229 MonitoredProcess]: Starting monitored process 18 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-11-25 17:58:28,916 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (18)] Waiting until timeout for monitored process [2022-11-25 17:58:29,265 INFO L228 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2022-11-25 17:58:29,266 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:58:29,272 INFO L263 TraceCheckSpWp]: Trace formula consists of 201 conjuncts, 52 conjunts are in the unsatisfiable core [2022-11-25 17:58:29,285 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:29,299 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:29,310 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:58:29,417 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_336 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_336))))) is different from true [2022-11-25 17:58:29,446 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:29,447 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:29,471 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:29,472 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:29,585 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_337 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_337))) (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)))) is different from true [2022-11-25 17:58:29,616 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:29,617 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:29,639 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:29,639 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:29,730 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_338 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_338) |c_#length|)))) is different from true [2022-11-25 17:58:29,756 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:29,758 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:29,778 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:29,778 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:29,873 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_339 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_339) |c_#length|)) (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)))) is different from true [2022-11-25 17:58:29,902 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:29,903 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:29,921 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:29,921 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:30,015 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_340 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_340) |c_#length|)))) is different from true [2022-11-25 17:58:30,040 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:30,041 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:30,063 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:30,064 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:30,084 INFO L134 CoverageAnalysis]: Checked inductivity of 106 backedges. 5 proven. 51 refuted. 0 times theorem prover too weak. 20 trivial. 30 not checked. [2022-11-25 17:58:30,084 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:31,457 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [756476951] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:31,458 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:58:31,458 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [21, 21] total 26 [2022-11-25 17:58:31,458 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [396316660] [2022-11-25 17:58:31,458 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:58:31,459 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 27 states [2022-11-25 17:58:31,459 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:58:31,460 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2022-11-25 17:58:31,461 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=75, Invalid=297, Unknown=10, NotChecked=430, Total=812 [2022-11-25 17:58:31,461 INFO L87 Difference]: Start difference. First operand 66 states and 91 transitions. Second operand has 27 states, 25 states have (on average 1.88) internal successors, (47), 26 states have internal predecessors, (47), 6 states have call successors, (6), 2 states have call predecessors, (6), 11 states have return successors, (11), 6 states have call predecessors, (11), 6 states have call successors, (11) [2022-11-25 17:58:33,546 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:58:33,547 INFO L93 Difference]: Finished difference Result 76 states and 100 transitions. [2022-11-25 17:58:33,547 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2022-11-25 17:58:33,548 INFO L78 Accepts]: Start accepts. Automaton has has 27 states, 25 states have (on average 1.88) internal successors, (47), 26 states have internal predecessors, (47), 6 states have call successors, (6), 2 states have call predecessors, (6), 11 states have return successors, (11), 6 states have call predecessors, (11), 6 states have call successors, (11) Word has length 53 [2022-11-25 17:58:33,548 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:58:33,550 INFO L225 Difference]: With dead ends: 76 [2022-11-25 17:58:33,551 INFO L226 Difference]: Without dead ends: 76 [2022-11-25 17:58:33,551 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 123 GetRequests, 82 SyntacticMatches, 1 SemanticMatches, 40 ConstructedPredicates, 10 IntricatePredicates, 0 DeprecatedPredicates, 100 ImplicationChecksByTransitivity, 3.0s TimeCoverageRelationStatistics Valid=152, Invalid=870, Unknown=10, NotChecked=690, Total=1722 [2022-11-25 17:58:33,552 INFO L413 NwaCegarLoop]: 25 mSDtfsCounter, 41 mSDsluCounter, 191 mSDsCounter, 0 mSdLazyCounter, 583 mSolverCounterSat, 19 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 44 SdHoareTripleChecker+Valid, 216 SdHoareTripleChecker+Invalid, 1202 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 19 IncrementalHoareTripleChecker+Valid, 583 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 600 IncrementalHoareTripleChecker+Unchecked, 1.2s IncrementalHoareTripleChecker+Time [2022-11-25 17:58:33,552 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [44 Valid, 216 Invalid, 1202 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [19 Valid, 583 Invalid, 0 Unknown, 600 Unchecked, 1.2s Time] [2022-11-25 17:58:33,553 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 76 states. [2022-11-25 17:58:33,560 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 76 to 66. [2022-11-25 17:58:33,560 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 51 states have (on average 1.1372549019607843) internal successors, (58), 53 states have internal predecessors, (58), 11 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (21), 11 states have call predecessors, (21), 11 states have call successors, (21) [2022-11-25 17:58:33,562 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 90 transitions. [2022-11-25 17:58:33,562 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 90 transitions. Word has length 53 [2022-11-25 17:58:33,562 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:58:33,563 INFO L495 AbstractCegarLoop]: Abstraction has 66 states and 90 transitions. [2022-11-25 17:58:33,563 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 27 states, 25 states have (on average 1.88) internal successors, (47), 26 states have internal predecessors, (47), 6 states have call successors, (6), 2 states have call predecessors, (6), 11 states have return successors, (11), 6 states have call predecessors, (11), 6 states have call successors, (11) [2022-11-25 17:58:33,563 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 90 transitions. [2022-11-25 17:58:33,565 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2022-11-25 17:58:33,565 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:58:33,565 INFO L195 NwaCegarLoop]: trace histogram [7, 7, 7, 6, 6, 6, 6, 5, 5, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:58:33,581 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (17)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:33,779 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (18)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:33,975 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 17 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3,18 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt [2022-11-25 17:58:33,976 INFO L420 AbstractCegarLoop]: === Iteration 13 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:58:33,976 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:58:33,976 INFO L85 PathProgramCache]: Analyzing trace with hash -1540616881, now seen corresponding path program 5 times [2022-11-25 17:58:33,976 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:58:33,976 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1692748798] [2022-11-25 17:58:33,977 INFO L93 rtionOrderModulation]: Changing assertion order to INSIDE_LOOP_FIRST1 [2022-11-25 17:58:33,977 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:33,977 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:58:33,980 INFO L229 MonitoredProcess]: Starting monitored process 19 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:58:33,982 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (19)] Waiting until timeout for monitored process [2022-11-25 17:58:34,278 INFO L228 tOrderPrioritization]: Assert order INSIDE_LOOP_FIRST1 issued 7 check-sat command(s) [2022-11-25 17:58:34,278 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:58:34,290 INFO L263 TraceCheckSpWp]: Trace formula consists of 236 conjuncts, 64 conjunts are in the unsatisfiable core [2022-11-25 17:58:34,297 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:34,326 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:34,587 INFO L321 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-11-25 17:58:34,588 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 18 [2022-11-25 17:58:35,072 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_391 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_391) |c_#length|)))) is different from true [2022-11-25 17:58:35,112 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:35,144 INFO L321 Elim1Store]: treesize reduction 19, result has 32.1 percent of original size [2022-11-25 17:58:35,145 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 24 treesize of output 31 [2022-11-25 17:58:35,171 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:35,172 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:35,517 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_392 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_392) |c_#length|)))) is different from true [2022-11-25 17:58:35,541 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:35,542 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:35,553 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:35,554 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:35,800 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_393 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_393))))) is different from true [2022-11-25 17:58:35,823 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:35,825 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:35,844 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:35,844 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:36,071 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_394 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_394) |c_#length|)))) is different from true [2022-11-25 17:58:36,098 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:36,103 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:36,125 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:36,125 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:36,329 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_395 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_395))))) is different from true [2022-11-25 17:58:36,349 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:36,350 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:36,367 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:36,367 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:36,440 INFO L134 CoverageAnalysis]: Checked inductivity of 154 backedges. 12 proven. 82 refuted. 0 times theorem prover too weak. 20 trivial. 40 not checked. [2022-11-25 17:58:36,440 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:41,135 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:58:41,135 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1692748798] [2022-11-25 17:58:41,135 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1692748798] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:41,136 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1607402841] [2022-11-25 17:58:41,136 INFO L93 rtionOrderModulation]: Changing assertion order to INSIDE_LOOP_FIRST1 [2022-11-25 17:58:41,136 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-11-25 17:58:41,136 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 [2022-11-25 17:58:41,140 INFO L229 MonitoredProcess]: Starting monitored process 20 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-11-25 17:58:41,151 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (20)] Waiting until timeout for monitored process [2022-11-25 17:58:41,754 INFO L228 tOrderPrioritization]: Assert order INSIDE_LOOP_FIRST1 issued 7 check-sat command(s) [2022-11-25 17:58:41,754 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:58:41,786 INFO L263 TraceCheckSpWp]: Trace formula consists of 236 conjuncts, 65 conjunts are in the unsatisfiable core [2022-11-25 17:58:41,791 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:41,804 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:41,902 INFO L321 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-11-25 17:58:41,902 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 18 [2022-11-25 17:58:42,083 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_446 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_446) |c_#length|)))) is different from true [2022-11-25 17:58:42,121 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:42,159 INFO L321 Elim1Store]: treesize reduction 19, result has 32.1 percent of original size [2022-11-25 17:58:42,159 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 24 treesize of output 31 [2022-11-25 17:58:42,188 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:42,188 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:42,363 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_447 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_447) |c_#length|)) (exists ((v_ArrVal_448 (_ BitVec 1))) (= |c_#valid| (store |c_old(#valid)| |ldv_malloc_#res.base| v_ArrVal_448))))) is different from true [2022-11-25 17:58:42,397 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:42,398 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:42,433 INFO L321 Elim1Store]: treesize reduction 22, result has 35.3 percent of original size [2022-11-25 17:58:42,434 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 27 [2022-11-25 17:58:42,547 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_450 (_ BitVec 1))) (= |c_#valid| (store |c_old(#valid)| |ldv_malloc_#res.base| v_ArrVal_450))) (exists ((v_ArrVal_449 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_449) |c_#length|)))) is different from true [2022-11-25 17:58:42,610 INFO L321 Elim1Store]: treesize reduction 22, result has 35.3 percent of original size [2022-11-25 17:58:42,611 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 27 [2022-11-25 17:58:42,624 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:42,735 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_451 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_451))))) is different from true [2022-11-25 17:58:42,762 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:42,763 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:42,778 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:42,779 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:42,873 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_452 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_452))))) is different from true [2022-11-25 17:58:42,910 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:42,911 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:42,924 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:42,925 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:42,941 INFO L134 CoverageAnalysis]: Checked inductivity of 154 backedges. 12 proven. 82 refuted. 0 times theorem prover too weak. 20 trivial. 40 not checked. [2022-11-25 17:58:42,941 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:43,455 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1607402841] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:43,455 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:58:43,455 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [29, 27] total 34 [2022-11-25 17:58:43,459 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [177166353] [2022-11-25 17:58:43,459 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:58:43,460 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 35 states [2022-11-25 17:58:43,461 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:58:43,462 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 35 interpolants. [2022-11-25 17:58:43,463 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=99, Invalid=632, Unknown=11, NotChecked=590, Total=1332 [2022-11-25 17:58:43,464 INFO L87 Difference]: Start difference. First operand 66 states and 90 transitions. Second operand has 35 states, 33 states have (on average 1.7575757575757576) internal successors, (58), 32 states have internal predecessors, (58), 7 states have call successors, (7), 3 states have call predecessors, (7), 12 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) [2022-11-25 17:58:47,041 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:58:47,042 INFO L93 Difference]: Finished difference Result 74 states and 99 transitions. [2022-11-25 17:58:47,042 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2022-11-25 17:58:47,043 INFO L78 Accepts]: Start accepts. Automaton has has 35 states, 33 states have (on average 1.7575757575757576) internal successors, (58), 32 states have internal predecessors, (58), 7 states have call successors, (7), 3 states have call predecessors, (7), 12 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) Word has length 62 [2022-11-25 17:58:47,043 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:58:47,044 INFO L225 Difference]: With dead ends: 74 [2022-11-25 17:58:47,044 INFO L226 Difference]: Without dead ends: 74 [2022-11-25 17:58:47,045 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 143 GetRequests, 92 SyntacticMatches, 1 SemanticMatches, 50 ConstructedPredicates, 10 IntricatePredicates, 0 DeprecatedPredicates, 209 ImplicationChecksByTransitivity, 7.4s TimeCoverageRelationStatistics Valid=194, Invalid=1557, Unknown=11, NotChecked=890, Total=2652 [2022-11-25 17:58:47,046 INFO L413 NwaCegarLoop]: 23 mSDtfsCounter, 56 mSDsluCounter, 220 mSDsCounter, 0 mSdLazyCounter, 1025 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 243 SdHoareTripleChecker+Invalid, 1709 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 1025 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 650 IncrementalHoareTripleChecker+Unchecked, 2.2s IncrementalHoareTripleChecker+Time [2022-11-25 17:58:47,046 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 243 Invalid, 1709 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 1025 Invalid, 0 Unknown, 650 Unchecked, 2.2s Time] [2022-11-25 17:58:47,047 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 74 states. [2022-11-25 17:58:47,054 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 74 to 66. [2022-11-25 17:58:47,054 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 51 states have (on average 1.1176470588235294) internal successors, (57), 53 states have internal predecessors, (57), 11 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (21), 11 states have call predecessors, (21), 11 states have call successors, (21) [2022-11-25 17:58:47,055 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 89 transitions. [2022-11-25 17:58:47,055 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 89 transitions. Word has length 62 [2022-11-25 17:58:47,056 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:58:47,056 INFO L495 AbstractCegarLoop]: Abstraction has 66 states and 89 transitions. [2022-11-25 17:58:47,056 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 35 states, 33 states have (on average 1.7575757575757576) internal successors, (58), 32 states have internal predecessors, (58), 7 states have call successors, (7), 3 states have call predecessors, (7), 12 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) [2022-11-25 17:58:47,057 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 89 transitions. [2022-11-25 17:58:47,058 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 72 [2022-11-25 17:58:47,058 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:58:47,058 INFO L195 NwaCegarLoop]: trace histogram [8, 8, 8, 7, 7, 7, 7, 6, 6, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:58:47,071 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (20)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:47,278 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (19)] Forceful destruction successful, exit code 0 [2022-11-25 17:58:47,467 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 20 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt,19 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:47,468 INFO L420 AbstractCegarLoop]: === Iteration 14 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:58:47,468 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:58:47,468 INFO L85 PathProgramCache]: Analyzing trace with hash -446919408, now seen corresponding path program 6 times [2022-11-25 17:58:47,469 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:58:47,469 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1782942223] [2022-11-25 17:58:47,469 INFO L93 rtionOrderModulation]: Changing assertion order to MIX_INSIDE_OUTSIDE [2022-11-25 17:58:47,469 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:58:47,469 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:58:47,471 INFO L229 MonitoredProcess]: Starting monitored process 21 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:58:47,491 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (21)] Waiting until timeout for monitored process [2022-11-25 17:58:47,958 INFO L228 tOrderPrioritization]: Assert order MIX_INSIDE_OUTSIDE issued 8 check-sat command(s) [2022-11-25 17:58:47,958 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:58:47,970 INFO L263 TraceCheckSpWp]: Trace formula consists of 271 conjuncts, 70 conjunts are in the unsatisfiable core [2022-11-25 17:58:47,976 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:47,997 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:48,005 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:58:48,197 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_510 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_510) |c_#length|)))) is different from true [2022-11-25 17:58:48,227 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:48,228 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:48,244 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:48,244 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:48,403 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_511 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_511) |c_#length|)))) is different from true [2022-11-25 17:58:48,422 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:48,423 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:48,441 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:48,441 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:48,595 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_512 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_512) |c_#length|)))) is different from true [2022-11-25 17:58:48,623 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:48,624 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:48,642 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:48,643 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:48,836 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_513 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_513) |c_#length|)))) is different from true [2022-11-25 17:58:48,871 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:48,875 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:48,899 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:48,900 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:49,091 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_514 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_514))))) is different from true [2022-11-25 17:58:49,117 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:49,118 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:49,135 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:49,136 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:49,335 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_515 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_515) |c_#length|)))) is different from true [2022-11-25 17:58:49,355 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:49,356 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:49,375 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:49,375 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:49,577 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_516 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_516))))) is different from true [2022-11-25 17:58:49,600 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:49,601 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:49,617 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:49,617 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:49,701 INFO L134 CoverageAnalysis]: Checked inductivity of 211 backedges. 7 proven. 106 refuted. 0 times theorem prover too weak. 42 trivial. 56 not checked. [2022-11-25 17:58:49,702 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:51,659 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:58:51,659 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1782942223] [2022-11-25 17:58:51,659 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1782942223] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:51,660 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [2094689565] [2022-11-25 17:58:51,660 INFO L93 rtionOrderModulation]: Changing assertion order to MIX_INSIDE_OUTSIDE [2022-11-25 17:58:51,660 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-11-25 17:58:51,660 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 [2022-11-25 17:58:51,661 INFO L229 MonitoredProcess]: Starting monitored process 22 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-11-25 17:58:51,663 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (22)] Waiting until timeout for monitored process [2022-11-25 17:58:53,207 INFO L228 tOrderPrioritization]: Assert order MIX_INSIDE_OUTSIDE issued 8 check-sat command(s) [2022-11-25 17:58:53,207 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:58:53,219 INFO L263 TraceCheckSpWp]: Trace formula consists of 271 conjuncts, 81 conjunts are in the unsatisfiable core [2022-11-25 17:58:53,226 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:58:53,241 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:58:53,248 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:58:53,499 INFO L321 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-11-25 17:58:53,499 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 18 [2022-11-25 17:58:53,541 INFO L321 Elim1Store]: treesize reduction 22, result has 35.3 percent of original size [2022-11-25 17:58:53,542 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 27 [2022-11-25 17:58:54,077 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_578 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_578) |c_#length|)) (exists ((v_ArrVal_577 (_ BitVec 1))) (= (store |c_old(#valid)| |ldv_malloc_#res.base| v_ArrVal_577) |c_#valid|)))) is different from true [2022-11-25 17:58:54,193 INFO L321 Elim1Store]: treesize reduction 44, result has 34.3 percent of original size [2022-11-25 17:58:54,193 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 4 case distinctions, treesize of input 26 treesize of output 43 [2022-11-25 17:58:54,228 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 3 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:54,708 INFO L321 Elim1Store]: treesize reduction 44, result has 34.3 percent of original size [2022-11-25 17:58:54,708 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 4 case distinctions, treesize of input 26 treesize of output 43 [2022-11-25 17:58:54,744 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:55,509 INFO L321 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-11-25 17:58:55,509 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 18 [2022-11-25 17:58:55,572 INFO L321 Elim1Store]: treesize reduction 12, result has 42.9 percent of original size [2022-11-25 17:58:55,572 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 2 case distinctions, treesize of input 20 treesize of output 22 [2022-11-25 17:58:55,989 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:55,989 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:56,005 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:56,297 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_586 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_586) |c_#length|)) (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)))) is different from true [2022-11-25 17:58:56,321 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:56,322 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:56,337 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:56,337 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:56,430 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_587 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_587) |c_#length|)))) is different from true [2022-11-25 17:58:56,452 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:58:56,453 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:58:56,476 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:58:56,477 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:58:56,499 INFO L134 CoverageAnalysis]: Checked inductivity of 211 backedges. 7 proven. 120 refuted. 4 times theorem prover too weak. 44 trivial. 36 not checked. [2022-11-25 17:58:56,499 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:58:57,242 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [2094689565] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:58:57,242 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:58:57,242 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [27, 31] total 45 [2022-11-25 17:58:57,242 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1498878054] [2022-11-25 17:58:57,242 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:58:57,243 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 46 states [2022-11-25 17:58:57,243 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:58:57,244 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 46 interpolants. [2022-11-25 17:58:57,244 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=168, Invalid=1267, Unknown=11, NotChecked=810, Total=2256 [2022-11-25 17:58:57,244 INFO L87 Difference]: Start difference. First operand 66 states and 89 transitions. Second operand has 46 states, 44 states have (on average 1.75) internal successors, (77), 41 states have internal predecessors, (77), 11 states have call successors, (11), 2 states have call predecessors, (11), 14 states have return successors, (15), 13 states have call predecessors, (15), 11 states have call successors, (15) [2022-11-25 17:59:02,212 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:59:02,212 INFO L93 Difference]: Finished difference Result 101 states and 133 transitions. [2022-11-25 17:59:02,213 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2022-11-25 17:59:02,213 INFO L78 Accepts]: Start accepts. Automaton has has 46 states, 44 states have (on average 1.75) internal successors, (77), 41 states have internal predecessors, (77), 11 states have call successors, (11), 2 states have call predecessors, (11), 14 states have return successors, (15), 13 states have call predecessors, (15), 11 states have call successors, (15) Word has length 71 [2022-11-25 17:59:02,213 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:59:02,214 INFO L225 Difference]: With dead ends: 101 [2022-11-25 17:59:02,214 INFO L226 Difference]: Without dead ends: 101 [2022-11-25 17:59:02,216 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 169 GetRequests, 97 SyntacticMatches, 3 SemanticMatches, 69 ConstructedPredicates, 10 IntricatePredicates, 0 DeprecatedPredicates, 837 ImplicationChecksByTransitivity, 7.0s TimeCoverageRelationStatistics Valid=367, Invalid=3322, Unknown=11, NotChecked=1270, Total=4970 [2022-11-25 17:59:02,216 INFO L413 NwaCegarLoop]: 20 mSDtfsCounter, 104 mSDsluCounter, 169 mSDsCounter, 0 mSdLazyCounter, 1407 mSolverCounterSat, 72 mSolverCounterUnsat, 9 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 107 SdHoareTripleChecker+Valid, 189 SdHoareTripleChecker+Invalid, 2388 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 72 IncrementalHoareTripleChecker+Valid, 1407 IncrementalHoareTripleChecker+Invalid, 9 IncrementalHoareTripleChecker+Unknown, 900 IncrementalHoareTripleChecker+Unchecked, 2.7s IncrementalHoareTripleChecker+Time [2022-11-25 17:59:02,217 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [107 Valid, 189 Invalid, 2388 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [72 Valid, 1407 Invalid, 9 Unknown, 900 Unchecked, 2.7s Time] [2022-11-25 17:59:02,217 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 101 states. [2022-11-25 17:59:02,224 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 101 to 66. [2022-11-25 17:59:02,225 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 51 states have (on average 1.0980392156862746) internal successors, (56), 53 states have internal predecessors, (56), 11 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (21), 11 states have call predecessors, (21), 11 states have call successors, (21) [2022-11-25 17:59:02,226 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 88 transitions. [2022-11-25 17:59:02,226 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 88 transitions. Word has length 71 [2022-11-25 17:59:02,227 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:59:02,227 INFO L495 AbstractCegarLoop]: Abstraction has 66 states and 88 transitions. [2022-11-25 17:59:02,227 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 46 states, 44 states have (on average 1.75) internal successors, (77), 41 states have internal predecessors, (77), 11 states have call successors, (11), 2 states have call predecessors, (11), 14 states have return successors, (15), 13 states have call predecessors, (15), 11 states have call successors, (15) [2022-11-25 17:59:02,228 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 88 transitions. [2022-11-25 17:59:02,229 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 81 [2022-11-25 17:59:02,230 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:59:02,230 INFO L195 NwaCegarLoop]: trace histogram [9, 9, 9, 8, 8, 8, 8, 7, 7, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:59:02,245 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (21)] Forceful destruction successful, exit code 0 [2022-11-25 17:59:02,445 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (22)] Forceful destruction successful, exit code 0 [2022-11-25 17:59:02,639 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 21 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3,22 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt [2022-11-25 17:59:02,640 INFO L420 AbstractCegarLoop]: === Iteration 15 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:59:02,640 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:59:02,640 INFO L85 PathProgramCache]: Analyzing trace with hash -1800849809, now seen corresponding path program 7 times [2022-11-25 17:59:02,640 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:59:02,640 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1446312614] [2022-11-25 17:59:02,641 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2022-11-25 17:59:02,641 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:59:02,641 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:59:02,642 INFO L229 MonitoredProcess]: Starting monitored process 23 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:59:02,655 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (23)] Waiting until timeout for monitored process [2022-11-25 17:59:02,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:59:03,000 INFO L263 TraceCheckSpWp]: Trace formula consists of 306 conjuncts, 76 conjunts are in the unsatisfiable core [2022-11-25 17:59:03,006 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:59:03,030 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:59:03,045 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:59:03,241 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_653 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_653))))) is different from true [2022-11-25 17:59:03,269 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:03,270 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:03,287 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:03,287 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:03,481 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_654 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_654) |c_#length|)))) is different from true [2022-11-25 17:59:03,502 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:03,503 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:03,518 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:03,518 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:03,709 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_655 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_655) |c_#length|)))) is different from true [2022-11-25 17:59:03,738 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:03,739 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:03,757 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:03,758 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:03,935 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_656 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_656) |c_#length|)))) is different from true [2022-11-25 17:59:03,956 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:03,957 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:03,971 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:03,971 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:04,167 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_657 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_657))))) is different from true [2022-11-25 17:59:04,205 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:04,207 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:04,223 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:04,223 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:04,424 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_658 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_658))))) is different from true [2022-11-25 17:59:04,450 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:04,451 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:04,468 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:04,468 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:04,677 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_659 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_659) |c_#length|)))) is different from true [2022-11-25 17:59:04,698 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:04,699 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:04,717 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:04,717 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:04,933 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_660 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_660) |c_#length|)))) is different from true [2022-11-25 17:59:04,953 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:04,962 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:04,976 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:04,976 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:05,057 INFO L134 CoverageAnalysis]: Checked inductivity of 277 backedges. 8 proven. 141 refuted. 0 times theorem prover too weak. 56 trivial. 72 not checked. [2022-11-25 17:59:05,057 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:59:05,749 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:59:05,750 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1446312614] [2022-11-25 17:59:05,750 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1446312614] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:59:05,750 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [624688180] [2022-11-25 17:59:05,750 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2022-11-25 17:59:05,750 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-11-25 17:59:05,750 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 [2022-11-25 17:59:05,752 INFO L229 MonitoredProcess]: Starting monitored process 24 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-11-25 17:59:05,753 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (24)] Waiting until timeout for monitored process [2022-11-25 17:59:06,370 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 17:59:06,381 INFO L263 TraceCheckSpWp]: Trace formula consists of 306 conjuncts, 76 conjunts are in the unsatisfiable core [2022-11-25 17:59:06,395 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:59:06,407 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:59:06,416 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:59:06,517 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_726 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_726) |c_#length|)))) is different from true [2022-11-25 17:59:06,540 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:06,541 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:06,559 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:06,560 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:06,644 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_727 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_727) |c_#length|)))) is different from true [2022-11-25 17:59:06,680 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:06,681 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:06,695 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:06,696 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:06,784 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_728 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_728) |c_#length|)))) is different from true [2022-11-25 17:59:06,806 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:06,809 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:06,827 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:06,827 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:06,917 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_729 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_729) |c_#length|)))) is different from true [2022-11-25 17:59:06,943 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:06,944 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:06,961 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:06,962 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:07,068 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_730 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_730) |c_#length|)))) is different from true [2022-11-25 17:59:07,096 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:07,097 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:07,114 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:07,114 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:07,230 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_731 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_731) |c_#length|)))) is different from true [2022-11-25 17:59:07,254 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:07,256 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:07,272 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:07,272 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:07,380 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_732 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_732))))) is different from true [2022-11-25 17:59:07,408 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:07,409 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:07,431 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:07,431 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:07,531 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_733 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_733) |c_#length|)))) is different from true [2022-11-25 17:59:07,552 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:07,553 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:07,569 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:07,569 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:07,592 INFO L134 CoverageAnalysis]: Checked inductivity of 277 backedges. 8 proven. 141 refuted. 0 times theorem prover too weak. 56 trivial. 72 not checked. [2022-11-25 17:59:07,592 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:59:08,116 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [624688180] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:59:08,116 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:59:08,116 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [30, 30] total 38 [2022-11-25 17:59:08,116 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1640988577] [2022-11-25 17:59:08,116 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:59:08,117 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 39 states [2022-11-25 17:59:08,117 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:59:08,118 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 39 interpolants. [2022-11-25 17:59:08,119 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=111, Invalid=537, Unknown=16, NotChecked=976, Total=1640 [2022-11-25 17:59:08,120 INFO L87 Difference]: Start difference. First operand 66 states and 88 transitions. Second operand has 39 states, 37 states have (on average 1.9189189189189189) internal successors, (71), 38 states have internal predecessors, (71), 9 states have call successors, (9), 2 states have call predecessors, (9), 17 states have return successors, (17), 9 states have call predecessors, (17), 9 states have call successors, (17) [2022-11-25 17:59:12,063 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:59:12,063 INFO L93 Difference]: Finished difference Result 82 states and 103 transitions. [2022-11-25 17:59:12,064 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2022-11-25 17:59:12,064 INFO L78 Accepts]: Start accepts. Automaton has has 39 states, 37 states have (on average 1.9189189189189189) internal successors, (71), 38 states have internal predecessors, (71), 9 states have call successors, (9), 2 states have call predecessors, (9), 17 states have return successors, (17), 9 states have call predecessors, (17), 9 states have call successors, (17) Word has length 80 [2022-11-25 17:59:12,065 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:59:12,066 INFO L225 Difference]: With dead ends: 82 [2022-11-25 17:59:12,066 INFO L226 Difference]: Without dead ends: 82 [2022-11-25 17:59:12,067 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 183 GetRequests, 124 SyntacticMatches, 1 SemanticMatches, 58 ConstructedPredicates, 16 IntricatePredicates, 0 DeprecatedPredicates, 229 ImplicationChecksByTransitivity, 3.7s TimeCoverageRelationStatistics Valid=227, Invalid=1713, Unknown=16, NotChecked=1584, Total=3540 [2022-11-25 17:59:12,068 INFO L413 NwaCegarLoop]: 34 mSDtfsCounter, 57 mSDsluCounter, 297 mSDsCounter, 0 mSdLazyCounter, 933 mSolverCounterSat, 33 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 331 SdHoareTripleChecker+Invalid, 2293 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 33 IncrementalHoareTripleChecker+Valid, 933 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 1327 IncrementalHoareTripleChecker+Unchecked, 2.0s IncrementalHoareTripleChecker+Time [2022-11-25 17:59:12,069 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 331 Invalid, 2293 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [33 Valid, 933 Invalid, 0 Unknown, 1327 Unchecked, 2.0s Time] [2022-11-25 17:59:12,069 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2022-11-25 17:59:12,075 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 66. [2022-11-25 17:59:12,076 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 51 states have (on average 1.0784313725490196) internal successors, (55), 53 states have internal predecessors, (55), 11 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (21), 11 states have call predecessors, (21), 11 states have call successors, (21) [2022-11-25 17:59:12,077 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 87 transitions. [2022-11-25 17:59:12,077 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 87 transitions. Word has length 80 [2022-11-25 17:59:12,078 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:59:12,078 INFO L495 AbstractCegarLoop]: Abstraction has 66 states and 87 transitions. [2022-11-25 17:59:12,078 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 39 states, 37 states have (on average 1.9189189189189189) internal successors, (71), 38 states have internal predecessors, (71), 9 states have call successors, (9), 2 states have call predecessors, (9), 17 states have return successors, (17), 9 states have call predecessors, (17), 9 states have call successors, (17) [2022-11-25 17:59:12,078 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 87 transitions. [2022-11-25 17:59:12,080 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 90 [2022-11-25 17:59:12,080 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:59:12,080 INFO L195 NwaCegarLoop]: trace histogram [10, 10, 10, 9, 9, 9, 9, 8, 8, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:59:12,087 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (24)] Forceful destruction successful, exit code 0 [2022-11-25 17:59:12,298 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (23)] Forceful destruction successful, exit code 0 [2022-11-25 17:59:12,487 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 24 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt,23 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:59:12,487 INFO L420 AbstractCegarLoop]: === Iteration 16 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:59:12,488 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:59:12,488 INFO L85 PathProgramCache]: Analyzing trace with hash 2110498800, now seen corresponding path program 8 times [2022-11-25 17:59:12,488 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:59:12,488 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [1651062361] [2022-11-25 17:59:12,489 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2022-11-25 17:59:12,489 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:59:12,489 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:59:12,491 INFO L229 MonitoredProcess]: Starting monitored process 25 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:59:12,507 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (25)] Waiting until timeout for monitored process [2022-11-25 17:59:12,897 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2022-11-25 17:59:12,898 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:59:12,916 INFO L263 TraceCheckSpWp]: Trace formula consists of 341 conjuncts, 84 conjunts are in the unsatisfiable core [2022-11-25 17:59:12,924 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:59:12,945 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:59:12,966 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:59:13,174 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_807 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_807) |c_#length|)))) is different from true [2022-11-25 17:59:13,197 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:13,199 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:13,218 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:13,218 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:13,386 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_808 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_808))))) is different from true [2022-11-25 17:59:13,429 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:13,430 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:13,453 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:13,453 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:13,631 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_809 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_809) |c_#length|)))) is different from true [2022-11-25 17:59:13,657 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:13,659 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:13,674 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:13,674 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:13,855 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_810 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_810) |c_#length|)))) is different from true [2022-11-25 17:59:13,883 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:13,884 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:13,897 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:13,898 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:14,075 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_811 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_811) |c_#length|)))) is different from true [2022-11-25 17:59:14,097 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:14,098 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:14,115 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:14,115 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:14,301 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_812 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_812) |c_#length|)))) is different from true [2022-11-25 17:59:14,328 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:14,329 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:14,346 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:14,346 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:14,582 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_813 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_813) |c_#length|)))) is different from true [2022-11-25 17:59:14,607 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:14,608 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:14,630 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:14,630 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:14,865 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_814 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_814) |c_#length|)) (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)))) is different from true [2022-11-25 17:59:14,892 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:14,893 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:14,915 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:14,915 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:15,146 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_815 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_815) |c_#length|)))) is different from true [2022-11-25 17:59:15,174 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:15,175 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:15,192 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:15,193 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:15,290 INFO L134 CoverageAnalysis]: Checked inductivity of 352 backedges. 9 proven. 181 refuted. 0 times theorem prover too weak. 72 trivial. 90 not checked. [2022-11-25 17:59:15,290 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:59:19,964 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:59:19,965 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [1651062361] [2022-11-25 17:59:19,965 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [1651062361] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:59:19,965 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [1870772783] [2022-11-25 17:59:19,965 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2022-11-25 17:59:19,965 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-11-25 17:59:19,965 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 [2022-11-25 17:59:19,966 INFO L229 MonitoredProcess]: Starting monitored process 26 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-11-25 17:59:19,968 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (26)] Waiting until timeout for monitored process [2022-11-25 17:59:20,455 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2022-11-25 17:59:20,456 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:59:20,481 INFO L263 TraceCheckSpWp]: Trace formula consists of 341 conjuncts, 85 conjunts are in the unsatisfiable core [2022-11-25 17:59:20,486 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:59:20,495 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:59:20,501 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:59:20,590 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_889 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_889) |c_#length|)))) is different from true [2022-11-25 17:59:20,611 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:20,611 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:20,637 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:20,638 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:20,731 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_890 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_890) |c_#length|)))) is different from true [2022-11-25 17:59:20,752 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:20,753 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:20,771 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:20,772 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:20,863 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_891 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_891) |c_#length|)))) is different from true [2022-11-25 17:59:20,887 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:20,888 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:20,902 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:20,902 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:20,989 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_892 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_892))))) is different from true [2022-11-25 17:59:21,009 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:21,012 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:21,028 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:21,029 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:21,117 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_893 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_893))))) is different from true [2022-11-25 17:59:21,139 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:21,140 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:21,153 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:21,156 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:21,231 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_894 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_894))))) is different from true [2022-11-25 17:59:21,249 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:21,253 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:21,267 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:21,267 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:21,347 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_895 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_895))))) is different from true [2022-11-25 17:59:21,368 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:21,369 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:21,384 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:21,385 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:21,451 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_896 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_896))))) is different from true [2022-11-25 17:59:21,477 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:21,478 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:21,494 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:21,495 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:21,594 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_897 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_897))))) is different from true [2022-11-25 17:59:21,620 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:21,621 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:21,633 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:21,633 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:21,647 INFO L134 CoverageAnalysis]: Checked inductivity of 352 backedges. 9 proven. 181 refuted. 0 times theorem prover too weak. 72 trivial. 90 not checked. [2022-11-25 17:59:21,648 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:59:24,361 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [1870772783] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:59:24,361 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:59:24,361 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [33, 33] total 42 [2022-11-25 17:59:24,361 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1804851394] [2022-11-25 17:59:24,362 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:59:24,362 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 43 states [2022-11-25 17:59:24,362 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:59:24,363 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 43 interpolants. [2022-11-25 17:59:24,364 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=123, Invalid=632, Unknown=19, NotChecked=1206, Total=1980 [2022-11-25 17:59:24,364 INFO L87 Difference]: Start difference. First operand 66 states and 87 transitions. Second operand has 43 states, 41 states have (on average 1.9268292682926829) internal successors, (79), 42 states have internal predecessors, (79), 10 states have call successors, (10), 2 states have call predecessors, (10), 19 states have return successors, (19), 10 states have call predecessors, (19), 10 states have call successors, (19) [2022-11-25 17:59:28,932 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 17:59:28,932 INFO L93 Difference]: Finished difference Result 84 states and 104 transitions. [2022-11-25 17:59:28,933 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2022-11-25 17:59:28,933 INFO L78 Accepts]: Start accepts. Automaton has has 43 states, 41 states have (on average 1.9268292682926829) internal successors, (79), 42 states have internal predecessors, (79), 10 states have call successors, (10), 2 states have call predecessors, (10), 19 states have return successors, (19), 10 states have call predecessors, (19), 10 states have call successors, (19) Word has length 89 [2022-11-25 17:59:28,934 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 17:59:28,934 INFO L225 Difference]: With dead ends: 84 [2022-11-25 17:59:28,934 INFO L226 Difference]: Without dead ends: 84 [2022-11-25 17:59:28,937 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 203 GetRequests, 138 SyntacticMatches, 1 SemanticMatches, 64 ConstructedPredicates, 18 IntricatePredicates, 0 DeprecatedPredicates, 284 ImplicationChecksByTransitivity, 10.4s TimeCoverageRelationStatistics Valid=252, Invalid=2057, Unknown=19, NotChecked=1962, Total=4290 [2022-11-25 17:59:28,938 INFO L413 NwaCegarLoop]: 37 mSDtfsCounter, 62 mSDsluCounter, 349 mSDsCounter, 0 mSdLazyCounter, 1106 mSolverCounterSat, 37 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 386 SdHoareTripleChecker+Invalid, 2841 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 37 IncrementalHoareTripleChecker+Valid, 1106 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 1698 IncrementalHoareTripleChecker+Unchecked, 2.3s IncrementalHoareTripleChecker+Time [2022-11-25 17:59:28,938 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [65 Valid, 386 Invalid, 2841 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [37 Valid, 1106 Invalid, 0 Unknown, 1698 Unchecked, 2.3s Time] [2022-11-25 17:59:28,939 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 84 states. [2022-11-25 17:59:28,943 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 84 to 66. [2022-11-25 17:59:28,944 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 51 states have (on average 1.0588235294117647) internal successors, (54), 53 states have internal predecessors, (54), 11 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (21), 11 states have call predecessors, (21), 11 states have call successors, (21) [2022-11-25 17:59:28,945 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 86 transitions. [2022-11-25 17:59:28,945 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 86 transitions. Word has length 89 [2022-11-25 17:59:28,946 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 17:59:28,946 INFO L495 AbstractCegarLoop]: Abstraction has 66 states and 86 transitions. [2022-11-25 17:59:28,946 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 43 states, 41 states have (on average 1.9268292682926829) internal successors, (79), 42 states have internal predecessors, (79), 10 states have call successors, (10), 2 states have call predecessors, (10), 19 states have return successors, (19), 10 states have call predecessors, (19), 10 states have call successors, (19) [2022-11-25 17:59:28,946 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 86 transitions. [2022-11-25 17:59:28,948 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2022-11-25 17:59:28,948 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 17:59:28,948 INFO L195 NwaCegarLoop]: trace histogram [11, 11, 11, 10, 10, 10, 10, 9, 9, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 17:59:28,960 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (26)] Ended with exit code 0 [2022-11-25 17:59:29,177 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (25)] Forceful destruction successful, exit code 0 [2022-11-25 17:59:29,355 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 26 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt,25 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:59:29,355 INFO L420 AbstractCegarLoop]: === Iteration 17 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 17:59:29,356 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 17:59:29,356 INFO L85 PathProgramCache]: Analyzing trace with hash 1054496655, now seen corresponding path program 9 times [2022-11-25 17:59:29,356 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 17:59:29,356 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [568306460] [2022-11-25 17:59:29,356 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-25 17:59:29,356 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 17:59:29,357 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 17:59:29,357 INFO L229 MonitoredProcess]: Starting monitored process 27 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 17:59:29,366 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (27)] Waiting until timeout for monitored process [2022-11-25 17:59:30,108 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 11 check-sat command(s) [2022-11-25 17:59:30,109 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:59:30,127 INFO L263 TraceCheckSpWp]: Trace formula consists of 376 conjuncts, 93 conjunts are in the unsatisfiable core [2022-11-25 17:59:30,134 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:59:30,165 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:59:30,175 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:59:30,391 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_979 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_979) |c_#length|)))) is different from true [2022-11-25 17:59:30,411 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:30,412 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:30,431 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:30,431 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:30,612 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_980 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_980))))) is different from true [2022-11-25 17:59:30,633 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:30,634 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:30,655 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:30,655 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:30,848 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_981 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_981) |c_#length|)))) is different from true [2022-11-25 17:59:30,869 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:30,871 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:30,891 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:30,892 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:31,118 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_982 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_982) |c_#length|)))) is different from true [2022-11-25 17:59:31,144 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:31,145 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:31,168 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:31,168 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:31,391 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_983 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_983) |c_#length|)))) is different from true [2022-11-25 17:59:31,414 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:31,414 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:31,436 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:31,436 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:31,664 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_984 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_984) |c_#length|)))) is different from true [2022-11-25 17:59:31,707 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:31,709 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:31,728 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:31,729 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:31,975 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_985 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_985) |c_#length|)))) is different from true [2022-11-25 17:59:31,998 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:31,999 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:32,015 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:32,016 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:32,271 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_986 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_986) |c_#length|)) (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)))) is different from true [2022-11-25 17:59:32,292 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:32,303 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:32,328 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:32,328 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:32,590 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_987 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_987) |c_#length|)) (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)))) is different from true [2022-11-25 17:59:32,626 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:32,631 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:32,648 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:32,648 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:32,917 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_988 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_988) |c_#length|)))) is different from true [2022-11-25 17:59:32,940 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:32,941 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:32,961 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:32,961 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:33,063 INFO L134 CoverageAnalysis]: Checked inductivity of 436 backedges. 10 proven. 226 refuted. 0 times theorem prover too weak. 90 trivial. 110 not checked. [2022-11-25 17:59:33,063 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:59:40,110 INFO L136 FreeRefinementEngine]: Strategy WOLF found an infeasible trace [2022-11-25 17:59:40,110 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleMathsat [568306460] [2022-11-25 17:59:40,110 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleMathsat [568306460] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:59:40,110 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleCvc4 [217282664] [2022-11-25 17:59:40,111 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-25 17:59:40,111 INFO L173 SolverBuilder]: Constructing external solver with command: cvc4 --incremental --print-success --lang smt [2022-11-25 17:59:40,111 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 [2022-11-25 17:59:40,112 INFO L229 MonitoredProcess]: Starting monitored process 28 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (exit command is (exit), workingDir is null) [2022-11-25 17:59:40,114 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (28)] Waiting until timeout for monitored process [2022-11-25 17:59:41,954 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 11 check-sat command(s) [2022-11-25 17:59:41,954 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-25 17:59:42,003 INFO L263 TraceCheckSpWp]: Trace formula consists of 376 conjuncts, 110 conjunts are in the unsatisfiable core [2022-11-25 17:59:42,012 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 17:59:42,028 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 7 [2022-11-25 17:59:42,036 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2022-11-25 17:59:42,170 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_1071 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_1071) |c_#length|)) (exists ((v_ArrVal_1070 (_ BitVec 1))) (= |c_#valid| (store |c_old(#valid)| |ldv_malloc_#res.base| v_ArrVal_1070))))) is different from true [2022-11-25 17:59:42,244 INFO L321 Elim1Store]: treesize reduction 22, result has 35.3 percent of original size [2022-11-25 17:59:42,244 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 27 [2022-11-25 17:59:42,252 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:42,531 INFO L321 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-11-25 17:59:42,531 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 18 [2022-11-25 17:59:42,570 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:42,571 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:42,841 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2022-11-25 17:59:43,206 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 5 treesize of output 3 [2022-11-25 17:59:43,212 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 7 treesize of output 5 [2022-11-25 17:59:51,596 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:51,596 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:51,615 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:52,055 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 4 [2022-11-25 17:59:52,131 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_1078 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_1078) |c_#length|)))) is different from true [2022-11-25 17:59:52,155 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:52,156 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:52,173 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:52,173 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:52,281 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_1079 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_1079) |c_#length|)))) is different from true [2022-11-25 17:59:52,310 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:52,312 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:52,337 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:52,338 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:52,650 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| |c_ldv_malloc_#in~size|) |c_#length|)) is different from true [2022-11-25 17:59:52,690 INFO L321 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2022-11-25 17:59:52,691 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 18 [2022-11-25 17:59:53,466 INFO L321 Elim1Store]: treesize reduction 20, result has 57.4 percent of original size [2022-11-25 17:59:53,470 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 3 case distinctions, treesize of input 24 treesize of output 43 [2022-11-25 17:59:54,793 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:54,793 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:54,855 INFO L321 Elim1Store]: treesize reduction 19, result has 32.1 percent of original size [2022-11-25 17:59:54,855 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 1 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 17 treesize of output 26 [2022-11-25 17:59:55,292 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (exists ((v_ArrVal_1085 (_ BitVec 32))) (= (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_1085) |c_#length|)) (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)))) is different from true [2022-11-25 17:59:55,330 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:55,331 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:55,353 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:55,353 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:55,475 WARN L859 $PredicateComparison]: unable to prove that (exists ((|ldv_malloc_#res.base| (_ BitVec 32))) (and (= (_ bv0 1) (select |c_old(#valid)| |ldv_malloc_#res.base|)) (exists ((v_ArrVal_1086 (_ BitVec 32))) (= |c_#length| (store |c_old(#length)| |ldv_malloc_#res.base| v_ArrVal_1086))))) is different from true [2022-11-25 17:59:55,498 INFO L190 IndexEqualityManager]: detected not equals via solver [2022-11-25 17:59:55,499 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 12 treesize of output 14 [2022-11-25 17:59:55,520 INFO L321 Elim1Store]: treesize reduction 6, result has 40.0 percent of original size [2022-11-25 17:59:55,520 INFO L350 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 13 treesize of output 13 [2022-11-25 17:59:55,542 INFO L134 CoverageAnalysis]: Checked inductivity of 436 backedges. 24 proven. 264 refuted. 12 times theorem prover too weak. 46 trivial. 90 not checked. [2022-11-25 17:59:55,542 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 17:59:58,159 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleCvc4 [217282664] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 17:59:58,159 INFO L184 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2022-11-25 17:59:58,159 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [36, 45] total 62 [2022-11-25 17:59:58,160 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [350647025] [2022-11-25 17:59:58,160 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2022-11-25 17:59:58,161 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 63 states [2022-11-25 17:59:58,161 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy WOLF [2022-11-25 17:59:58,162 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 63 interpolants. [2022-11-25 17:59:58,164 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=204, Invalid=2192, Unknown=20, NotChecked=1744, Total=4160 [2022-11-25 17:59:58,164 INFO L87 Difference]: Start difference. First operand 66 states and 86 transitions. Second operand has 63 states, 61 states have (on average 1.7704918032786885) internal successors, (108), 57 states have internal predecessors, (108), 15 states have call successors, (15), 4 states have call predecessors, (15), 20 states have return successors, (21), 17 states have call predecessors, (21), 15 states have call successors, (21) [2022-11-25 18:00:00,295 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:02,359 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:06,481 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:12,616 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.01s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:14,637 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.01s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:16,642 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:19,132 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.01s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:21,652 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:38,113 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:40,374 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:42,939 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:45,580 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:48,394 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.01s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:50,645 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:53,601 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:56,055 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:00:59,177 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.01s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:01:01,944 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.02s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, BitVec], hasArrays=true, hasNonlinArith=false, quantifiers [0] [2022-11-25 18:01:02,842 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:01:02,843 INFO L93 Difference]: Finished difference Result 110 states and 139 transitions. [2022-11-25 18:01:02,843 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 34 states. [2022-11-25 18:01:02,844 INFO L78 Accepts]: Start accepts. Automaton has has 63 states, 61 states have (on average 1.7704918032786885) internal successors, (108), 57 states have internal predecessors, (108), 15 states have call successors, (15), 4 states have call predecessors, (15), 20 states have return successors, (21), 17 states have call predecessors, (21), 15 states have call successors, (21) Word has length 98 [2022-11-25 18:01:02,844 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:01:02,846 INFO L225 Difference]: With dead ends: 110 [2022-11-25 18:01:02,846 INFO L226 Difference]: Without dead ends: 110 [2022-11-25 18:01:02,848 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 229 GetRequests, 135 SyntacticMatches, 2 SemanticMatches, 92 ConstructedPredicates, 16 IntricatePredicates, 0 DeprecatedPredicates, 1310 ImplicationChecksByTransitivity, 43.2s TimeCoverageRelationStatistics Valid=456, Invalid=5590, Unknown=24, NotChecked=2672, Total=8742 [2022-11-25 18:01:02,848 INFO L413 NwaCegarLoop]: 30 mSDtfsCounter, 120 mSDsluCounter, 445 mSDsCounter, 0 mSdLazyCounter, 2697 mSolverCounterSat, 80 mSolverCounterUnsat, 48 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 42.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 123 SdHoareTripleChecker+Valid, 475 SdHoareTripleChecker+Invalid, 4581 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 80 IncrementalHoareTripleChecker+Valid, 2697 IncrementalHoareTripleChecker+Invalid, 48 IncrementalHoareTripleChecker+Unknown, 1756 IncrementalHoareTripleChecker+Unchecked, 43.3s IncrementalHoareTripleChecker+Time [2022-11-25 18:01:02,849 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [123 Valid, 475 Invalid, 4581 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [80 Valid, 2697 Invalid, 48 Unknown, 1756 Unchecked, 43.3s Time] [2022-11-25 18:01:02,850 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 110 states. [2022-11-25 18:01:02,855 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 110 to 78. [2022-11-25 18:01:02,856 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 78 states, 60 states have (on average 1.0666666666666667) internal successors, (64), 62 states have internal predecessors, (64), 13 states have call successors, (13), 2 states have call predecessors, (13), 3 states have return successors, (24), 13 states have call predecessors, (24), 13 states have call successors, (24) [2022-11-25 18:01:02,857 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 101 transitions. [2022-11-25 18:01:02,857 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 101 transitions. Word has length 98 [2022-11-25 18:01:02,858 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:01:02,858 INFO L495 AbstractCegarLoop]: Abstraction has 78 states and 101 transitions. [2022-11-25 18:01:02,858 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 63 states, 61 states have (on average 1.7704918032786885) internal successors, (108), 57 states have internal predecessors, (108), 15 states have call successors, (15), 4 states have call predecessors, (15), 20 states have return successors, (21), 17 states have call predecessors, (21), 15 states have call successors, (21) [2022-11-25 18:01:02,859 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 101 transitions. [2022-11-25 18:01:02,860 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 103 [2022-11-25 18:01:02,861 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:01:02,861 INFO L195 NwaCegarLoop]: trace histogram [11, 11, 11, 10, 10, 10, 10, 10, 10, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:01:02,880 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (27)] Forceful destruction successful, exit code 0 [2022-11-25 18:01:03,085 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt (28)] Forceful destruction successful, exit code 0 [2022-11-25 18:01:03,279 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 27 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3,28 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/cvc4 --incremental --print-success --lang smt [2022-11-25 18:01:03,279 INFO L420 AbstractCegarLoop]: === Iteration 18 === Targeting ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK] === [2022-11-25 18:01:03,280 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:01:03,280 INFO L85 PathProgramCache]: Analyzing trace with hash 329760614, now seen corresponding path program 3 times [2022-11-25 18:01:03,280 INFO L118 FreeRefinementEngine]: Executing refinement strategy WOLF [2022-11-25 18:01:03,281 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleMathsat [534238191] [2022-11-25 18:01:03,281 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-25 18:01:03,281 INFO L173 SolverBuilder]: Constructing external solver with command: mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 18:01:03,281 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat [2022-11-25 18:01:03,282 INFO L229 MonitoredProcess]: Starting monitored process 29 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (exit command is (exit), workingDir is null) [2022-11-25 18:01:03,307 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (29)] Waiting until timeout for monitored process [2022-11-25 18:01:04,127 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 11 check-sat command(s) [2022-11-25 18:01:04,127 INFO L229 tOrderPrioritization]: Conjunction of SSA is sat [2022-11-25 18:01:04,127 INFO L356 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2022-11-25 18:01:04,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2022-11-25 18:01:04,697 INFO L130 FreeRefinementEngine]: Strategy WOLF found a feasible trace [2022-11-25 18:01:04,697 INFO L360 BasicCegarLoop]: Counterexample is feasible [2022-11-25 18:01:04,698 INFO L805 garLoopResultBuilder]: Registering result UNSAFE for location ULTIMATE.startErr2ASSERT_VIOLATIONMEMORY_LEAK (2 of 3 remaining) [2022-11-25 18:01:04,700 INFO L805 garLoopResultBuilder]: Registering result UNKNOWN for location ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE (1 of 3 remaining) [2022-11-25 18:01:04,701 INFO L805 garLoopResultBuilder]: Registering result UNKNOWN for location ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE (0 of 3 remaining) [2022-11-25 18:01:04,728 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 (29)] Forceful destruction successful, exit code 0 [2022-11-25 18:01:04,922 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 29 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a3ae6249-fcd6-4130-8713-c88ba9e720cd/bin/uautomizer-ZsLfNo2U6R/mathsat -theory.fp.to_bv_overflow_mode=1 -theory.fp.minmax_zero_mode=4 -theory.bv.div_by_zero_mode=1 -unsat_core_generation=3 [2022-11-25 18:01:04,926 INFO L445 BasicCegarLoop]: Path program histogram: [9, 3, 1, 1, 1, 1, 1, 1] [2022-11-25 18:01:04,931 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-25 18:01:05,051 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 25.11 06:01:05 BoogieIcfgContainer [2022-11-25 18:01:05,059 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-25 18:01:05,060 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-25 18:01:05,060 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-25 18:01:05,061 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-25 18:01:05,061 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 25.11 05:57:52" (3/4) ... [2022-11-25 18:01:05,065 INFO L140 WitnessPrinter]: No result that supports witness generation found [2022-11-25 18:01:05,066 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-25 18:01:05,066 INFO L158 Benchmark]: Toolchain (without parser) took 194520.93ms. Allocated memory was 83.9MB in the beginning and 121.6MB in the end (delta: 37.7MB). Free memory was 63.0MB in the beginning and 30.5MB in the end (delta: 32.5MB). Peak memory consumption was 70.5MB. Max. memory is 16.1GB. [2022-11-25 18:01:05,067 INFO L158 Benchmark]: CDTParser took 0.34ms. Allocated memory is still 58.7MB. Free memory is still 37.3MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-25 18:01:05,067 INFO L158 Benchmark]: CACSL2BoogieTranslator took 909.61ms. Allocated memory is still 83.9MB. Free memory was 62.7MB in the beginning and 55.9MB in the end (delta: 6.8MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2022-11-25 18:01:05,068 INFO L158 Benchmark]: Boogie Procedure Inliner took 68.28ms. Allocated memory is still 83.9MB. Free memory was 55.9MB in the beginning and 53.4MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-25 18:01:05,069 INFO L158 Benchmark]: Boogie Preprocessor took 35.85ms. Allocated memory is still 83.9MB. Free memory was 53.4MB in the beginning and 51.9MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-25 18:01:05,070 INFO L158 Benchmark]: RCFGBuilder took 454.05ms. Allocated memory is still 83.9MB. Free memory was 51.9MB in the beginning and 40.1MB in the end (delta: 11.8MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. [2022-11-25 18:01:05,071 INFO L158 Benchmark]: TraceAbstraction took 193037.55ms. Allocated memory was 83.9MB in the beginning and 121.6MB in the end (delta: 37.7MB). Free memory was 39.4MB in the beginning and 30.5MB in the end (delta: 8.9MB). Peak memory consumption was 47.4MB. Max. memory is 16.1GB. [2022-11-25 18:01:05,071 INFO L158 Benchmark]: Witness Printer took 5.80ms. Allocated memory is still 121.6MB. Free memory is still 30.5MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-25 18:01:05,073 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.34ms. Allocated memory is still 58.7MB. Free memory is still 37.3MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 909.61ms. Allocated memory is still 83.9MB. Free memory was 62.7MB in the beginning and 55.9MB in the end (delta: 6.8MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 68.28ms. Allocated memory is still 83.9MB. Free memory was 55.9MB in the beginning and 53.4MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 35.85ms. Allocated memory is still 83.9MB. Free memory was 53.4MB in the beginning and 51.9MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 454.05ms. Allocated memory is still 83.9MB. Free memory was 51.9MB in the beginning and 40.1MB in the end (delta: 11.8MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. * TraceAbstraction took 193037.55ms. Allocated memory was 83.9MB in the beginning and 121.6MB in the end (delta: 37.7MB). Free memory was 39.4MB in the beginning and 30.5MB in the end (delta: 8.9MB). Peak memory consumption was 47.4MB. Max. memory is 16.1GB. * Witness Printer took 5.80ms. Allocated memory is still 121.6MB. Free memory is still 30.5MB. There was no memory consumed. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - UnprovableResult [Line: 772]: Unable to prove that all allocated memory was freed Unable to prove that all allocated memory was freed Reason: overapproximation of memtrack at line 772. Possible FailurePath: [L569] struct ldv_list_head ldv_global_msg_list = { &(ldv_global_msg_list), &(ldv_global_msg_list) }; VAL [ldv_global_msg_list={1:0}] [L773] CALL entry_point() [L761] int len = 10; VAL [ldv_global_msg_list={1:0}, len=10] [L762] CALL, EXPR ldv_malloc(sizeof(struct A18*)*len) VAL [\old(size)=40, ldv_global_msg_list={1:0}] [L526] COND TRUE __VERIFIER_nondet_int() [L527] return malloc(size); [L762] RET, EXPR ldv_malloc(sizeof(struct A18*)*len) VAL [ldv_global_msg_list={1:0}, ldv_malloc(sizeof(struct A18*)*len)={10:0}, len=10] [L762] struct A18 **array = (struct A18 **)ldv_malloc(sizeof(struct A18*)*len); [L763] struct A18 *p; [L764] int i=0; VAL [array={10:0}, i=0, ldv_global_msg_list={1:0}, len=10] [L765] COND FALSE !(!array) VAL [array={10:0}, i=0, ldv_global_msg_list={1:0}, len=10] [L766] COND TRUE i