./Ultimate.py --spec ../../sv-benchmarks/c/properties/valid-memsafety.prp --file ../../sv-benchmarks/c/memsafety/test-0234-2.i --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version 0e0057cc Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/config/TaipanMemDerefMemtrack.xml -i ../../sv-benchmarks/c/memsafety/test-0234-2.i -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/config/svcomp-DerefFreeMemtrack-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 3248e88e6fd49fdcf0a9f78f1aa9e69276951d353f75f39f6bb30d51b2e53989 --- Real Ultimate output --- This is Ultimate 0.2.4-dev-0e0057c [2023-12-02 16:16:46,860 INFO L188 SettingsManager]: Resetting all preferences to default values... [2023-12-02 16:16:46,924 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/config/svcomp-DerefFreeMemtrack-32bit-Taipan_Default.epf [2023-12-02 16:16:46,928 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2023-12-02 16:16:46,929 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2023-12-02 16:16:46,954 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2023-12-02 16:16:46,954 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2023-12-02 16:16:46,955 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2023-12-02 16:16:46,956 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2023-12-02 16:16:46,956 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2023-12-02 16:16:46,957 INFO L153 SettingsManager]: * User list type=DISABLED [2023-12-02 16:16:46,957 INFO L151 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2023-12-02 16:16:46,958 INFO L153 SettingsManager]: * Explicit value domain=true [2023-12-02 16:16:46,958 INFO L153 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2023-12-02 16:16:46,958 INFO L153 SettingsManager]: * Octagon Domain=false [2023-12-02 16:16:46,959 INFO L153 SettingsManager]: * Abstract domain=CompoundDomain [2023-12-02 16:16:46,959 INFO L153 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2023-12-02 16:16:46,960 INFO L153 SettingsManager]: * Use the RCFG-of-the-future interface=true [2023-12-02 16:16:46,960 INFO L153 SettingsManager]: * Interval Domain=false [2023-12-02 16:16:46,961 INFO L151 SettingsManager]: Preferences of Sifa differ from their defaults: [2023-12-02 16:16:46,961 INFO L153 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2023-12-02 16:16:46,962 INFO L153 SettingsManager]: * Simplification Technique=POLY_PAC [2023-12-02 16:16:46,963 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2023-12-02 16:16:46,963 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2023-12-02 16:16:46,964 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2023-12-02 16:16:46,964 INFO L153 SettingsManager]: * sizeof long=4 [2023-12-02 16:16:46,965 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2023-12-02 16:16:46,965 INFO L153 SettingsManager]: * sizeof POINTER=4 [2023-12-02 16:16:46,966 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2023-12-02 16:16:46,966 INFO L153 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2023-12-02 16:16:46,966 INFO L153 SettingsManager]: * Bitprecise bitfields=true [2023-12-02 16:16:46,967 INFO L153 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2023-12-02 16:16:46,967 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2023-12-02 16:16:46,968 INFO L153 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2023-12-02 16:16:46,968 INFO L153 SettingsManager]: * Check unreachability of reach_error function=false [2023-12-02 16:16:46,968 INFO L153 SettingsManager]: * sizeof long double=12 [2023-12-02 16:16:46,968 INFO L153 SettingsManager]: * Use constant arrays=true [2023-12-02 16:16:46,968 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2023-12-02 16:16:46,968 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2023-12-02 16:16:46,969 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2023-12-02 16:16:46,969 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-12-02 16:16:46,969 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2023-12-02 16:16:46,969 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2023-12-02 16:16:46,970 INFO L153 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2023-12-02 16:16:46,970 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2023-12-02 16:16:46,970 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2023-12-02 16:16:46,970 INFO L153 SettingsManager]: * Trace refinement exception blacklist=NONE [2023-12-02 16:16:46,970 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2023-12-02 16:16:46,970 INFO L153 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 3248e88e6fd49fdcf0a9f78f1aa9e69276951d353f75f39f6bb30d51b2e53989 [2023-12-02 16:16:47,188 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2023-12-02 16:16:47,209 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2023-12-02 16:16:47,212 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2023-12-02 16:16:47,213 INFO L270 PluginConnector]: Initializing CDTParser... [2023-12-02 16:16:47,214 INFO L274 PluginConnector]: CDTParser initialized [2023-12-02 16:16:47,215 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/../../sv-benchmarks/c/memsafety/test-0234-2.i [2023-12-02 16:16:49,975 INFO L533 CDTParser]: Created temporary CDT project at NULL [2023-12-02 16:16:50,211 INFO L384 CDTParser]: Found 1 translation units. [2023-12-02 16:16:50,212 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/sv-benchmarks/c/memsafety/test-0234-2.i [2023-12-02 16:16:50,228 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/data/adb3148d0/f761e277bf114fd683f6bfa9c61404aa/FLAG229868ee6 [2023-12-02 16:16:50,242 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/data/adb3148d0/f761e277bf114fd683f6bfa9c61404aa [2023-12-02 16:16:50,245 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2023-12-02 16:16:50,246 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2023-12-02 16:16:50,248 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2023-12-02 16:16:50,248 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2023-12-02 16:16:50,253 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2023-12-02 16:16:50,254 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,255 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4c3896dd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50, skipping insertion in model container [2023-12-02 16:16:50,255 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,304 INFO L177 MainTranslator]: Built tables and reachable declarations [2023-12-02 16:16:50,641 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-12-02 16:16:50,652 INFO L202 MainTranslator]: Completed pre-run [2023-12-02 16:16:50,700 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-12-02 16:16:50,739 INFO L206 MainTranslator]: Completed translation [2023-12-02 16:16:50,740 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50 WrapperNode [2023-12-02 16:16:50,740 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2023-12-02 16:16:50,741 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2023-12-02 16:16:50,741 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2023-12-02 16:16:50,741 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2023-12-02 16:16:50,747 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,764 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,794 INFO L138 Inliner]: procedures = 188, calls = 58, calls flagged for inlining = 14, calls inlined = 14, statements flattened = 206 [2023-12-02 16:16:50,795 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2023-12-02 16:16:50,796 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2023-12-02 16:16:50,796 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2023-12-02 16:16:50,796 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2023-12-02 16:16:50,803 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,804 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,809 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,809 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,822 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,827 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,830 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,832 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,837 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2023-12-02 16:16:50,838 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2023-12-02 16:16:50,838 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2023-12-02 16:16:50,838 INFO L274 PluginConnector]: RCFGBuilder initialized [2023-12-02 16:16:50,839 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (1/1) ... [2023-12-02 16:16:50,845 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-12-02 16:16:50,854 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:16:50,865 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2023-12-02 16:16:50,876 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2023-12-02 16:16:50,906 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2023-12-02 16:16:50,906 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2023-12-02 16:16:50,906 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2023-12-02 16:16:50,906 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2023-12-02 16:16:50,906 INFO L130 BoogieDeclarations]: Found specification of procedure zalloc_or_die [2023-12-02 16:16:50,907 INFO L138 BoogieDeclarations]: Found implementation of procedure zalloc_or_die [2023-12-02 16:16:50,907 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2023-12-02 16:16:50,907 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2023-12-02 16:16:50,907 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2023-12-02 16:16:50,907 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2023-12-02 16:16:50,908 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2023-12-02 16:16:51,032 INFO L241 CfgBuilder]: Building ICFG [2023-12-02 16:16:51,035 INFO L267 CfgBuilder]: Building CFG for each procedure with an implementation [2023-12-02 16:16:51,461 INFO L282 CfgBuilder]: Performing block encoding [2023-12-02 16:16:51,532 INFO L304 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2023-12-02 16:16:51,533 INFO L309 CfgBuilder]: Removed 10 assume(true) statements. [2023-12-02 16:16:51,534 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.12 04:16:51 BoogieIcfgContainer [2023-12-02 16:16:51,534 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2023-12-02 16:16:51,537 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2023-12-02 16:16:51,537 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2023-12-02 16:16:51,541 INFO L274 PluginConnector]: TraceAbstraction initialized [2023-12-02 16:16:51,541 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 02.12 04:16:50" (1/3) ... [2023-12-02 16:16:51,542 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4908ef67 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 02.12 04:16:51, skipping insertion in model container [2023-12-02 16:16:51,542 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 04:16:50" (2/3) ... [2023-12-02 16:16:51,542 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4908ef67 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 02.12 04:16:51, skipping insertion in model container [2023-12-02 16:16:51,543 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.12 04:16:51" (3/3) ... [2023-12-02 16:16:51,544 INFO L112 eAbstractionObserver]: Analyzing ICFG test-0234-2.i [2023-12-02 16:16:51,564 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:false NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2023-12-02 16:16:51,564 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 70 error locations. [2023-12-02 16:16:51,612 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2023-12-02 16:16:51,617 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=false, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=All, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7c223ff1, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2023-12-02 16:16:51,617 INFO L358 AbstractCegarLoop]: Starting to check reachability of 70 error locations. [2023-12-02 16:16:51,621 INFO L276 IsEmpty]: Start isEmpty. Operand has 150 states, 72 states have (on average 2.263888888888889) internal successors, (163), 142 states have internal predecessors, (163), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2023-12-02 16:16:51,627 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 4 [2023-12-02 16:16:51,627 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:16:51,628 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1] [2023-12-02 16:16:51,628 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr32REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:16:51,634 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:16:51,634 INFO L85 PathProgramCache]: Analyzing trace with hash 361206, now seen corresponding path program 1 times [2023-12-02 16:16:51,644 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:16:51,644 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [694203298] [2023-12-02 16:16:51,644 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:16:51,645 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:16:51,734 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:16:51,775 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-12-02 16:16:51,775 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:16:51,775 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [694203298] [2023-12-02 16:16:51,776 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [694203298] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 16:16:51,776 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 16:16:51,776 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2023-12-02 16:16:51,778 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [47150893] [2023-12-02 16:16:51,779 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 16:16:51,782 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2023-12-02 16:16:51,783 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:16:51,812 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2023-12-02 16:16:51,812 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-12-02 16:16:51,815 INFO L87 Difference]: Start difference. First operand has 150 states, 72 states have (on average 2.263888888888889) internal successors, (163), 142 states have internal predecessors, (163), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) Second operand has 2 states, 2 states have (on average 1.5) internal successors, (3), 2 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-12-02 16:16:51,887 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:16:51,887 INFO L93 Difference]: Finished difference Result 150 states and 165 transitions. [2023-12-02 16:16:51,889 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2023-12-02 16:16:51,890 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 1.5) internal successors, (3), 2 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 3 [2023-12-02 16:16:51,890 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:16:51,899 INFO L225 Difference]: With dead ends: 150 [2023-12-02 16:16:51,899 INFO L226 Difference]: Without dead ends: 149 [2023-12-02 16:16:51,901 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-12-02 16:16:51,904 INFO L413 NwaCegarLoop]: 141 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 24 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 141 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 24 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-12-02 16:16:51,905 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 141 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 24 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-12-02 16:16:51,923 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 149 states. [2023-12-02 16:16:51,946 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 149 to 149. [2023-12-02 16:16:51,948 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 72 states have (on average 2.111111111111111) internal successors, (152), 141 states have internal predecessors, (152), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2023-12-02 16:16:51,951 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 164 transitions. [2023-12-02 16:16:51,952 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 164 transitions. Word has length 3 [2023-12-02 16:16:51,952 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:16:51,952 INFO L495 AbstractCegarLoop]: Abstraction has 149 states and 164 transitions. [2023-12-02 16:16:51,953 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 1.5) internal successors, (3), 2 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-12-02 16:16:51,953 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 164 transitions. [2023-12-02 16:16:51,953 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 6 [2023-12-02 16:16:51,953 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:16:51,953 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1] [2023-12-02 16:16:51,954 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2023-12-02 16:16:51,954 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting zalloc_or_dieErr0ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:16:51,954 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:16:51,955 INFO L85 PathProgramCache]: Analyzing trace with hash 343109249, now seen corresponding path program 1 times [2023-12-02 16:16:51,955 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:16:51,955 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [484649037] [2023-12-02 16:16:51,955 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:16:51,956 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:16:51,973 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:16:51,973 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [1345694409] [2023-12-02 16:16:51,973 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:16:51,974 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:16:51,974 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:16:51,980 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:16:51,984 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2023-12-02 16:16:52,066 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:16:52,068 INFO L262 TraceCheckSpWp]: Trace formula consists of 81 conjuncts, 6 conjunts are in the unsatisfiable core [2023-12-02 16:16:52,072 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:16:52,120 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2023-12-02 16:16:52,127 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-12-02 16:16:52,127 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-12-02 16:16:52,128 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:16:52,128 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [484649037] [2023-12-02 16:16:52,128 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:16:52,128 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1345694409] [2023-12-02 16:16:52,128 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1345694409] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 16:16:52,129 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 16:16:52,129 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2023-12-02 16:16:52,130 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1403958820] [2023-12-02 16:16:52,130 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 16:16:52,130 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-12-02 16:16:52,131 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:16:52,131 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-12-02 16:16:52,131 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-12-02 16:16:52,132 INFO L87 Difference]: Start difference. First operand 149 states and 164 transitions. Second operand has 3 states, 2 states have (on average 2.0) internal successors, (4), 3 states have internal predecessors, (4), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-12-02 16:16:52,283 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:16:52,284 INFO L93 Difference]: Finished difference Result 148 states and 163 transitions. [2023-12-02 16:16:52,284 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-12-02 16:16:52,284 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 2.0) internal successors, (4), 3 states have internal predecessors, (4), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 5 [2023-12-02 16:16:52,285 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:16:52,286 INFO L225 Difference]: With dead ends: 148 [2023-12-02 16:16:52,286 INFO L226 Difference]: Without dead ends: 148 [2023-12-02 16:16:52,287 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-12-02 16:16:52,288 INFO L413 NwaCegarLoop]: 136 mSDtfsCounter, 4 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 92 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 4 SdHoareTripleChecker+Valid, 229 SdHoareTripleChecker+Invalid, 92 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 92 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-12-02 16:16:52,289 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [4 Valid, 229 Invalid, 92 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 92 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-12-02 16:16:52,290 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 148 states. [2023-12-02 16:16:52,300 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 148 to 148. [2023-12-02 16:16:52,301 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 72 states have (on average 2.0972222222222223) internal successors, (151), 140 states have internal predecessors, (151), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2023-12-02 16:16:52,304 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 163 transitions. [2023-12-02 16:16:52,304 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 163 transitions. Word has length 5 [2023-12-02 16:16:52,304 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:16:52,304 INFO L495 AbstractCegarLoop]: Abstraction has 148 states and 163 transitions. [2023-12-02 16:16:52,305 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 2.0) internal successors, (4), 3 states have internal predecessors, (4), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-12-02 16:16:52,305 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 163 transitions. [2023-12-02 16:16:52,305 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 7 [2023-12-02 16:16:52,305 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:16:52,305 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1] [2023-12-02 16:16:52,312 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2023-12-02 16:16:52,507 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:16:52,508 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting zalloc_or_dieErr1ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:16:52,508 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:16:52,509 INFO L85 PathProgramCache]: Analyzing trace with hash 2046452448, now seen corresponding path program 1 times [2023-12-02 16:16:52,509 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:16:52,509 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [997894740] [2023-12-02 16:16:52,509 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:16:52,509 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:16:52,522 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:16:52,523 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [590238279] [2023-12-02 16:16:52,523 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:16:52,523 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:16:52,523 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:16:52,524 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:16:52,527 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2023-12-02 16:16:52,606 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:16:52,607 INFO L262 TraceCheckSpWp]: Trace formula consists of 83 conjuncts, 20 conjunts are in the unsatisfiable core [2023-12-02 16:16:52,609 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:16:52,661 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2023-12-02 16:16:52,692 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-12-02 16:16:52,692 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-12-02 16:16:52,692 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:16:52,692 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [997894740] [2023-12-02 16:16:52,693 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:16:52,693 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [590238279] [2023-12-02 16:16:52,693 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [590238279] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 16:16:52,693 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 16:16:52,694 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-12-02 16:16:52,694 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1538326752] [2023-12-02 16:16:52,694 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 16:16:52,694 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2023-12-02 16:16:52,695 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:16:52,695 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2023-12-02 16:16:52,696 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2023-12-02 16:16:52,696 INFO L87 Difference]: Start difference. First operand 148 states and 163 transitions. Second operand has 4 states, 3 states have (on average 1.6666666666666667) internal successors, (5), 3 states have internal predecessors, (5), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-12-02 16:16:52,906 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:16:52,906 INFO L93 Difference]: Finished difference Result 153 states and 168 transitions. [2023-12-02 16:16:52,907 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2023-12-02 16:16:52,907 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 1.6666666666666667) internal successors, (5), 3 states have internal predecessors, (5), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 6 [2023-12-02 16:16:52,908 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:16:52,909 INFO L225 Difference]: With dead ends: 153 [2023-12-02 16:16:52,909 INFO L226 Difference]: Without dead ends: 153 [2023-12-02 16:16:52,910 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2023-12-02 16:16:52,911 INFO L413 NwaCegarLoop]: 131 mSDtfsCounter, 7 mSDsluCounter, 227 mSDsCounter, 0 mSdLazyCounter, 126 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 7 SdHoareTripleChecker+Valid, 358 SdHoareTripleChecker+Invalid, 130 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 126 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-12-02 16:16:52,912 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [7 Valid, 358 Invalid, 130 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-12-02 16:16:52,913 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2023-12-02 16:16:52,923 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 153. [2023-12-02 16:16:52,924 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 76 states have (on average 2.0526315789473686) internal successors, (156), 144 states have internal predecessors, (156), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2023-12-02 16:16:52,926 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 168 transitions. [2023-12-02 16:16:52,926 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 168 transitions. Word has length 6 [2023-12-02 16:16:52,926 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:16:52,926 INFO L495 AbstractCegarLoop]: Abstraction has 153 states and 168 transitions. [2023-12-02 16:16:52,927 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 1.6666666666666667) internal successors, (5), 3 states have internal predecessors, (5), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-12-02 16:16:52,927 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 168 transitions. [2023-12-02 16:16:52,928 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2023-12-02 16:16:52,929 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:16:52,929 INFO L195 NwaCegarLoop]: trace histogram [6, 6, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:16:52,933 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2023-12-02 16:16:53,129 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:16:53,130 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting zalloc_or_dieErr1ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:16:53,130 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:16:53,130 INFO L85 PathProgramCache]: Analyzing trace with hash 1045957265, now seen corresponding path program 1 times [2023-12-02 16:16:53,130 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:16:53,130 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [542854218] [2023-12-02 16:16:53,131 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:16:53,131 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:16:53,165 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:16:53,165 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [2090671954] [2023-12-02 16:16:53,165 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:16:53,166 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:16:53,166 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:16:53,167 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:16:53,170 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2023-12-02 16:16:53,360 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:16:53,363 INFO L262 TraceCheckSpWp]: Trace formula consists of 495 conjuncts, 20 conjunts are in the unsatisfiable core [2023-12-02 16:16:53,368 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:16:53,409 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2023-12-02 16:16:53,523 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2023-12-02 16:16:53,624 INFO L134 CoverageAnalysis]: Checked inductivity of 65 backedges. 47 proven. 0 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2023-12-02 16:16:53,624 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-12-02 16:16:53,625 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:16:53,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [542854218] [2023-12-02 16:16:53,625 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:16:53,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2090671954] [2023-12-02 16:16:53,625 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2090671954] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 16:16:53,625 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 16:16:53,626 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-12-02 16:16:53,626 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [275517726] [2023-12-02 16:16:53,626 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 16:16:53,627 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-12-02 16:16:53,627 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:16:53,628 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-12-02 16:16:53,628 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-12-02 16:16:53,628 INFO L87 Difference]: Start difference. First operand 153 states and 168 transitions. Second operand has 5 states, 4 states have (on average 6.0) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2023-12-02 16:16:54,030 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:16:54,031 INFO L93 Difference]: Finished difference Result 157 states and 172 transitions. [2023-12-02 16:16:54,031 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2023-12-02 16:16:54,031 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 6.0) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 45 [2023-12-02 16:16:54,031 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:16:54,033 INFO L225 Difference]: With dead ends: 157 [2023-12-02 16:16:54,033 INFO L226 Difference]: Without dead ends: 155 [2023-12-02 16:16:54,033 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 45 GetRequests, 41 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2023-12-02 16:16:54,034 INFO L413 NwaCegarLoop]: 136 mSDtfsCounter, 4 mSDsluCounter, 356 mSDsCounter, 0 mSdLazyCounter, 154 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 4 SdHoareTripleChecker+Valid, 492 SdHoareTripleChecker+Invalid, 159 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 154 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2023-12-02 16:16:54,035 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [4 Valid, 492 Invalid, 159 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 154 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2023-12-02 16:16:54,036 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 155 states. [2023-12-02 16:16:54,044 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 155 to 155. [2023-12-02 16:16:54,045 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 155 states, 78 states have (on average 2.0256410256410255) internal successors, (158), 146 states have internal predecessors, (158), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2023-12-02 16:16:54,046 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 155 states to 155 states and 170 transitions. [2023-12-02 16:16:54,046 INFO L78 Accepts]: Start accepts. Automaton has 155 states and 170 transitions. Word has length 45 [2023-12-02 16:16:54,047 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:16:54,047 INFO L495 AbstractCegarLoop]: Abstraction has 155 states and 170 transitions. [2023-12-02 16:16:54,047 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 6.0) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2023-12-02 16:16:54,047 INFO L276 IsEmpty]: Start isEmpty. Operand 155 states and 170 transitions. [2023-12-02 16:16:54,049 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2023-12-02 16:16:54,049 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:16:54,049 INFO L195 NwaCegarLoop]: trace histogram [6, 6, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:16:54,055 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2023-12-02 16:16:54,251 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:16:54,252 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting zalloc_or_dieErr1ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:16:54,252 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:16:54,253 INFO L85 PathProgramCache]: Analyzing trace with hash -2031412480, now seen corresponding path program 1 times [2023-12-02 16:16:54,253 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:16:54,253 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [499816742] [2023-12-02 16:16:54,253 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:16:54,253 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:16:54,287 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:16:54,288 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [650484887] [2023-12-02 16:16:54,288 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:16:54,288 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:16:54,288 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:16:54,289 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:16:54,291 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2023-12-02 16:16:54,599 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:16:54,603 INFO L262 TraceCheckSpWp]: Trace formula consists of 570 conjuncts, 29 conjunts are in the unsatisfiable core [2023-12-02 16:16:54,608 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:16:54,637 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2023-12-02 16:16:54,668 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2023-12-02 16:16:54,729 INFO L134 CoverageAnalysis]: Checked inductivity of 100 backedges. 64 proven. 7 refuted. 0 times theorem prover too weak. 29 trivial. 0 not checked. [2023-12-02 16:16:54,729 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:16:54,963 INFO L134 CoverageAnalysis]: Checked inductivity of 100 backedges. 36 proven. 8 refuted. 0 times theorem prover too weak. 56 trivial. 0 not checked. [2023-12-02 16:16:54,964 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:16:54,964 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [499816742] [2023-12-02 16:16:54,964 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:16:54,964 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [650484887] [2023-12-02 16:16:54,964 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [650484887] provided 0 perfect and 2 imperfect interpolant sequences [2023-12-02 16:16:54,964 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1773003641] [2023-12-02 16:16:54,988 INFO L159 IcfgInterpreter]: Started Sifa with 23 locations of interest [2023-12-02 16:16:54,988 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:16:54,993 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:16:55,000 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:16:55,001 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:16:56,333 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 15 for LOIs [2023-12-02 16:16:56,593 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:16:57,583 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSifa [1773003641] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 16:16:57,583 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2023-12-02 16:16:57,584 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11] imperfect sequences [7, 6] total 22 [2023-12-02 16:16:57,584 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [784966398] [2023-12-02 16:16:57,584 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 16:16:57,585 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 13 states [2023-12-02 16:16:57,585 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:16:57,585 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2023-12-02 16:16:57,586 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=68, Invalid=394, Unknown=0, NotChecked=0, Total=462 [2023-12-02 16:16:57,586 INFO L87 Difference]: Start difference. First operand 155 states and 170 transitions. Second operand has 13 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 11 states have internal predecessors, (17), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (5), 1 states have call predecessors, (5), 5 states have call successors, (5) [2023-12-02 16:16:58,878 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:16:58,879 INFO L93 Difference]: Finished difference Result 235 states and 260 transitions. [2023-12-02 16:16:58,879 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2023-12-02 16:16:58,880 INFO L78 Accepts]: Start accepts. Automaton has has 13 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 11 states have internal predecessors, (17), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (5), 1 states have call predecessors, (5), 5 states have call successors, (5) Word has length 50 [2023-12-02 16:16:58,880 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:16:58,882 INFO L225 Difference]: With dead ends: 235 [2023-12-02 16:16:58,882 INFO L226 Difference]: Without dead ends: 235 [2023-12-02 16:16:58,882 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 152 GetRequests, 121 SyntacticMatches, 7 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 164 ImplicationChecksByTransitivity, 1.5s TimeCoverageRelationStatistics Valid=96, Invalid=554, Unknown=0, NotChecked=0, Total=650 [2023-12-02 16:16:58,883 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 150 mSDsluCounter, 644 mSDsCounter, 0 mSdLazyCounter, 741 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 151 SdHoareTripleChecker+Valid, 748 SdHoareTripleChecker+Invalid, 754 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 741 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2023-12-02 16:16:58,884 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [151 Valid, 748 Invalid, 754 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 741 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2023-12-02 16:16:58,885 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 235 states. [2023-12-02 16:16:58,895 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 235 to 200. [2023-12-02 16:16:58,896 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 200 states, 115 states have (on average 1.9739130434782608) internal successors, (227), 183 states have internal predecessors, (227), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2023-12-02 16:16:58,898 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 200 states to 200 states and 251 transitions. [2023-12-02 16:16:58,898 INFO L78 Accepts]: Start accepts. Automaton has 200 states and 251 transitions. Word has length 50 [2023-12-02 16:16:58,898 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:16:58,898 INFO L495 AbstractCegarLoop]: Abstraction has 200 states and 251 transitions. [2023-12-02 16:16:58,899 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 13 states, 6 states have (on average 2.8333333333333335) internal successors, (17), 11 states have internal predecessors, (17), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (5), 1 states have call predecessors, (5), 5 states have call successors, (5) [2023-12-02 16:16:58,899 INFO L276 IsEmpty]: Start isEmpty. Operand 200 states and 251 transitions. [2023-12-02 16:16:58,900 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2023-12-02 16:16:58,900 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:16:58,901 INFO L195 NwaCegarLoop]: trace histogram [6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:16:58,908 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2023-12-02 16:16:59,103 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:16:59,104 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:16:59,104 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:16:59,104 INFO L85 PathProgramCache]: Analyzing trace with hash -1770055618, now seen corresponding path program 1 times [2023-12-02 16:16:59,104 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:16:59,104 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1819813981] [2023-12-02 16:16:59,105 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:16:59,105 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:16:59,131 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:16:59,131 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [1367864537] [2023-12-02 16:16:59,131 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:16:59,131 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:16:59,131 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:16:59,132 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:16:59,135 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2023-12-02 16:16:59,314 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:16:59,318 INFO L262 TraceCheckSpWp]: Trace formula consists of 613 conjuncts, 22 conjunts are in the unsatisfiable core [2023-12-02 16:16:59,323 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:16:59,392 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|)) is different from true [2023-12-02 16:16:59,418 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2023-12-02 16:16:59,418 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2023-12-02 16:16:59,430 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 61 proven. 1 refuted. 0 times theorem prover too weak. 58 trivial. 6 not checked. [2023-12-02 16:16:59,430 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:16:59,608 INFO L349 Elim1Store]: treesize reduction 5, result has 37.5 percent of original size [2023-12-02 16:16:59,608 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 11 [2023-12-02 16:16:59,624 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 61 proven. 7 refuted. 0 times theorem prover too weak. 58 trivial. 0 not checked. [2023-12-02 16:16:59,625 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:16:59,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1819813981] [2023-12-02 16:16:59,625 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:16:59,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1367864537] [2023-12-02 16:16:59,625 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1367864537] provided 0 perfect and 2 imperfect interpolant sequences [2023-12-02 16:16:59,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [132171525] [2023-12-02 16:16:59,628 INFO L159 IcfgInterpreter]: Started Sifa with 24 locations of interest [2023-12-02 16:16:59,628 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:16:59,629 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:16:59,629 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:16:59,629 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:17:00,564 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 15 for LOIs [2023-12-02 16:17:00,780 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:17:01,754 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '2632#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (not (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1)))' at error location [2023-12-02 16:17:01,754 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:17:01,754 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2023-12-02 16:17:01,754 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 8] total 11 [2023-12-02 16:17:01,754 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [70500457] [2023-12-02 16:17:01,754 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2023-12-02 16:17:01,755 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2023-12-02 16:17:01,755 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:17:01,756 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2023-12-02 16:17:01,756 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=62, Invalid=447, Unknown=1, NotChecked=42, Total=552 [2023-12-02 16:17:01,756 INFO L87 Difference]: Start difference. First operand 200 states and 251 transitions. Second operand has 12 states, 10 states have (on average 3.2) internal successors, (32), 10 states have internal predecessors, (32), 2 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) [2023-12-02 16:17:02,125 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:17:02,125 INFO L93 Difference]: Finished difference Result 198 states and 247 transitions. [2023-12-02 16:17:02,125 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2023-12-02 16:17:02,126 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 10 states have (on average 3.2) internal successors, (32), 10 states have internal predecessors, (32), 2 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) Word has length 54 [2023-12-02 16:17:02,126 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:17:02,128 INFO L225 Difference]: With dead ends: 198 [2023-12-02 16:17:02,128 INFO L226 Difference]: Without dead ends: 198 [2023-12-02 16:17:02,128 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 164 GetRequests, 130 SyntacticMatches, 10 SemanticMatches, 24 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 122 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=74, Invalid=529, Unknown=1, NotChecked=46, Total=650 [2023-12-02 16:17:02,129 INFO L413 NwaCegarLoop]: 126 mSDtfsCounter, 19 mSDsluCounter, 610 mSDsCounter, 0 mSdLazyCounter, 511 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 19 SdHoareTripleChecker+Valid, 736 SdHoareTripleChecker+Invalid, 686 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 511 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 157 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2023-12-02 16:17:02,130 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [19 Valid, 736 Invalid, 686 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 511 Invalid, 0 Unknown, 157 Unchecked, 0.3s Time] [2023-12-02 16:17:02,131 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 198 states. [2023-12-02 16:17:02,138 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 198 to 198. [2023-12-02 16:17:02,138 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 198 states, 115 states have (on average 1.9391304347826086) internal successors, (223), 181 states have internal predecessors, (223), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2023-12-02 16:17:02,140 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 198 states to 198 states and 247 transitions. [2023-12-02 16:17:02,140 INFO L78 Accepts]: Start accepts. Automaton has 198 states and 247 transitions. Word has length 54 [2023-12-02 16:17:02,140 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:17:02,141 INFO L495 AbstractCegarLoop]: Abstraction has 198 states and 247 transitions. [2023-12-02 16:17:02,141 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 10 states have (on average 3.2) internal successors, (32), 10 states have internal predecessors, (32), 2 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) [2023-12-02 16:17:02,141 INFO L276 IsEmpty]: Start isEmpty. Operand 198 states and 247 transitions. [2023-12-02 16:17:02,142 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2023-12-02 16:17:02,142 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:17:02,142 INFO L195 NwaCegarLoop]: trace histogram [6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:17:02,152 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2023-12-02 16:17:02,343 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5,6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:17:02,348 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:17:02,349 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:17:02,349 INFO L85 PathProgramCache]: Analyzing trace with hash -1770055617, now seen corresponding path program 1 times [2023-12-02 16:17:02,349 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:17:02,349 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1267140159] [2023-12-02 16:17:02,350 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:17:02,350 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:17:02,372 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:17:02,373 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [2064934250] [2023-12-02 16:17:02,373 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:17:02,373 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:17:02,373 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:17:02,374 INFO L229 MonitoredProcess]: Starting monitored process 7 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:17:02,378 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2023-12-02 16:17:02,742 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:17:02,746 INFO L262 TraceCheckSpWp]: Trace formula consists of 613 conjuncts, 25 conjunts are in the unsatisfiable core [2023-12-02 16:17:02,750 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:17:02,765 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2023-12-02 16:17:02,786 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2023-12-02 16:17:02,831 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 84 proven. 7 refuted. 0 times theorem prover too weak. 35 trivial. 0 not checked. [2023-12-02 16:17:02,831 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:17:03,052 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 21 proven. 15 refuted. 0 times theorem prover too weak. 90 trivial. 0 not checked. [2023-12-02 16:17:03,052 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:17:03,052 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1267140159] [2023-12-02 16:17:03,052 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:17:03,052 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2064934250] [2023-12-02 16:17:03,052 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2064934250] provided 0 perfect and 2 imperfect interpolant sequences [2023-12-02 16:17:03,052 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2118248852] [2023-12-02 16:17:03,055 INFO L159 IcfgInterpreter]: Started Sifa with 24 locations of interest [2023-12-02 16:17:03,055 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:17:03,056 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:17:03,056 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:17:03,056 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:17:06,260 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2023-12-02 16:17:06,458 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:17:12,051 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '3375#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l4_insert_~item~0#1.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (= |ULTIMATE.start_l4_insert_#in~list#1.offset| 0) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (= 4 |ULTIMATE.start_l3_insert_#in~list#1.offset|) (<= (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|) 7) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (= 0 |ULTIMATE.start_l4_insert_~list#1.offset|) (or (and (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_60| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_60| 3) 0) 0)) (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (exists ((|v_#length_BEFORE_CALL_60| (Array Int Int))) (and (= (select |v_#length_BEFORE_CALL_60| 3) 4) (= (select |v_#length_BEFORE_CALL_60| 2) 14) (= (select |v_#length_BEFORE_CALL_60| 1) 2))) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (= |ULTIMATE.start_l4_insert_~list#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l0_insert_~item~4#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_89| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_127| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_89| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_127| 4294967296)) (or (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_127|) (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_127| 0)))) (not (= |ULTIMATE.start_l4_insert_#t~ret7#1.base| 0)) (exists ((|v_#memory_int_BEFORE_CALL_60| (Array Int (Array Int Int)))) (and (= 48 (select (select |v_#memory_int_BEFORE_CALL_60| 1) 0)) (= (select (select |v_#memory_int_BEFORE_CALL_60| 1) 1) 0))) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_60| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_60| 3) 0) 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= |ULTIMATE.start_l1_insert_~item~3#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|)) (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (= |ULTIMATE.start_l4_insert_~list#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (exists ((|v_#length_BEFORE_CALL_58| (Array Int Int))) (and (= 2 (select |v_#length_BEFORE_CALL_58| 1)) (= 14 (select |v_#length_BEFORE_CALL_58| 2)) (= (select |v_#length_BEFORE_CALL_58| 3) 4))) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (exists ((|v_#memory_int_BEFORE_CALL_58| (Array Int (Array Int Int)))) (and (= (select (select |v_#memory_int_BEFORE_CALL_58| 1) 1) 0) (= (select (select |v_#memory_int_BEFORE_CALL_58| 1) 0) 48))) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l0_insert_~item~4#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_58| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_58| 3) 0) 0)) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_89| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_127| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_89| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_127| 4294967296)) (or (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_127|) (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_127| 0)))) (not (= |ULTIMATE.start_l4_insert_#t~ret7#1.base| 0)) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_58| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_58| 3) 0) 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= |ULTIMATE.start_l1_insert_~item~3#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|))) (= |ULTIMATE.start_l2_insert_#in~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~list#1.offset| 4) (= |ULTIMATE.start_l4_insert_#t~ret7#1.offset| 0) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= 4 |ULTIMATE.start_l1_insert_#in~list#1.offset|) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0))' at error location [2023-12-02 16:17:12,051 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:17:12,051 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2023-12-02 16:17:12,051 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6] total 11 [2023-12-02 16:17:12,051 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [551238955] [2023-12-02 16:17:12,051 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2023-12-02 16:17:12,052 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2023-12-02 16:17:12,052 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:17:12,053 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2023-12-02 16:17:12,053 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=160, Invalid=891, Unknown=5, NotChecked=0, Total=1056 [2023-12-02 16:17:12,054 INFO L87 Difference]: Start difference. First operand 198 states and 247 transitions. Second operand has 11 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 11 states have internal predecessors, (34), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2023-12-02 16:17:12,341 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:17:12,341 INFO L93 Difference]: Finished difference Result 218 states and 271 transitions. [2023-12-02 16:17:12,342 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2023-12-02 16:17:12,342 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 11 states have internal predecessors, (34), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) Word has length 54 [2023-12-02 16:17:12,342 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:17:12,344 INFO L225 Difference]: With dead ends: 218 [2023-12-02 16:17:12,344 INFO L226 Difference]: Without dead ends: 210 [2023-12-02 16:17:12,345 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 164 GetRequests, 123 SyntacticMatches, 6 SemanticMatches, 35 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 356 ImplicationChecksByTransitivity, 5.8s TimeCoverageRelationStatistics Valid=191, Invalid=1135, Unknown=6, NotChecked=0, Total=1332 [2023-12-02 16:17:12,345 INFO L413 NwaCegarLoop]: 134 mSDtfsCounter, 12 mSDsluCounter, 484 mSDsCounter, 0 mSdLazyCounter, 192 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 12 SdHoareTripleChecker+Valid, 618 SdHoareTripleChecker+Invalid, 203 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 192 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-12-02 16:17:12,346 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [12 Valid, 618 Invalid, 203 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 192 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-12-02 16:17:12,347 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 210 states. [2023-12-02 16:17:12,353 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 210 to 210. [2023-12-02 16:17:12,353 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 210 states, 127 states have (on average 1.8503937007874016) internal successors, (235), 193 states have internal predecessors, (235), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2023-12-02 16:17:12,355 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 259 transitions. [2023-12-02 16:17:12,355 INFO L78 Accepts]: Start accepts. Automaton has 210 states and 259 transitions. Word has length 54 [2023-12-02 16:17:12,355 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:17:12,356 INFO L495 AbstractCegarLoop]: Abstraction has 210 states and 259 transitions. [2023-12-02 16:17:12,356 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 11 states have internal predecessors, (34), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2023-12-02 16:17:12,356 INFO L276 IsEmpty]: Start isEmpty. Operand 210 states and 259 transitions. [2023-12-02 16:17:12,357 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 73 [2023-12-02 16:17:12,357 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:17:12,358 INFO L195 NwaCegarLoop]: trace histogram [24, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:17:12,365 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Ended with exit code 0 [2023-12-02 16:17:12,558 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,7 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:17:12,558 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:17:12,559 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:17:12,559 INFO L85 PathProgramCache]: Analyzing trace with hash 1041192179, now seen corresponding path program 2 times [2023-12-02 16:17:12,559 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:17:12,559 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1305122963] [2023-12-02 16:17:12,559 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:17:12,559 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:17:12,591 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:17:12,591 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [2005459520] [2023-12-02 16:17:12,591 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2023-12-02 16:17:12,591 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:17:12,591 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:17:12,592 INFO L229 MonitoredProcess]: Starting monitored process 8 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:17:12,593 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2023-12-02 16:17:13,027 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 3 check-sat command(s) [2023-12-02 16:17:13,027 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2023-12-02 16:17:13,030 INFO L262 TraceCheckSpWp]: Trace formula consists of 361 conjuncts, 46 conjunts are in the unsatisfiable core [2023-12-02 16:17:13,034 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:17:13,051 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2023-12-02 16:17:13,058 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2023-12-02 16:17:13,178 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_calloc_model_~ptr~0#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_calloc_model_~ptr~0#1.base| (select |c_#length| |zalloc_or_die_calloc_model_~ptr~0#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_calloc_model_~ptr~0#1.base|) 0))) is different from true [2023-12-02 16:17:13,212 INFO L190 IndexEqualityManager]: detected not equals via solver [2023-12-02 16:17:13,213 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 11 [2023-12-02 16:17:13,220 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2023-12-02 16:17:13,220 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2023-12-02 16:17:13,236 INFO L134 CoverageAnalysis]: Checked inductivity of 495 backedges. 229 proven. 0 refuted. 0 times theorem prover too weak. 238 trivial. 28 not checked. [2023-12-02 16:17:13,236 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:17:13,326 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:17:13,326 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1305122963] [2023-12-02 16:17:13,327 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:17:13,327 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2005459520] [2023-12-02 16:17:13,327 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2005459520] provided 0 perfect and 1 imperfect interpolant sequences [2023-12-02 16:17:13,327 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [323438180] [2023-12-02 16:17:13,330 INFO L159 IcfgInterpreter]: Started Sifa with 24 locations of interest [2023-12-02 16:17:13,330 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:17:13,330 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:17:13,331 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:17:13,331 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:17:14,082 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 15 for LOIs [2023-12-02 16:17:14,237 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:17:15,056 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4064#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (or (< (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (< (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) 0)))' at error location [2023-12-02 16:17:15,057 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:17:15,057 INFO L185 FreeRefinementEngine]: Found 0 perfect and 1 imperfect interpolant sequences. [2023-12-02 16:17:15,057 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9] total 9 [2023-12-02 16:17:15,057 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [254612454] [2023-12-02 16:17:15,057 INFO L85 oduleStraightlineAll]: Using 1 imperfect interpolants to construct interpolant automaton [2023-12-02 16:17:15,058 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2023-12-02 16:17:15,058 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:17:15,058 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2023-12-02 16:17:15,059 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=61, Invalid=448, Unknown=1, NotChecked=42, Total=552 [2023-12-02 16:17:15,059 INFO L87 Difference]: Start difference. First operand 210 states and 259 transitions. Second operand has 10 states, 7 states have (on average 3.857142857142857) internal successors, (27), 7 states have internal predecessors, (27), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:17:15,553 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:17:15,553 INFO L93 Difference]: Finished difference Result 208 states and 255 transitions. [2023-12-02 16:17:15,553 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2023-12-02 16:17:15,553 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 7 states have (on average 3.857142857142857) internal successors, (27), 7 states have internal predecessors, (27), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 72 [2023-12-02 16:17:15,554 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:17:15,555 INFO L225 Difference]: With dead ends: 208 [2023-12-02 16:17:15,555 INFO L226 Difference]: Without dead ends: 208 [2023-12-02 16:17:15,555 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 148 GetRequests, 117 SyntacticMatches, 6 SemanticMatches, 25 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 122 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=72, Invalid=581, Unknown=1, NotChecked=48, Total=702 [2023-12-02 16:17:15,556 INFO L413 NwaCegarLoop]: 119 mSDtfsCounter, 9 mSDsluCounter, 445 mSDsCounter, 0 mSdLazyCounter, 676 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 9 SdHoareTripleChecker+Valid, 564 SdHoareTripleChecker+Invalid, 837 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 676 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 154 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2023-12-02 16:17:15,556 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [9 Valid, 564 Invalid, 837 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 676 Invalid, 0 Unknown, 154 Unchecked, 0.4s Time] [2023-12-02 16:17:15,557 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 208 states. [2023-12-02 16:17:15,560 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 208 to 208. [2023-12-02 16:17:15,561 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 208 states, 127 states have (on average 1.8188976377952757) internal successors, (231), 191 states have internal predecessors, (231), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2023-12-02 16:17:15,562 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 208 states to 208 states and 255 transitions. [2023-12-02 16:17:15,562 INFO L78 Accepts]: Start accepts. Automaton has 208 states and 255 transitions. Word has length 72 [2023-12-02 16:17:15,563 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:17:15,563 INFO L495 AbstractCegarLoop]: Abstraction has 208 states and 255 transitions. [2023-12-02 16:17:15,563 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 7 states have (on average 3.857142857142857) internal successors, (27), 7 states have internal predecessors, (27), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:17:15,563 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 255 transitions. [2023-12-02 16:17:15,564 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 74 [2023-12-02 16:17:15,565 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:17:15,565 INFO L195 NwaCegarLoop]: trace histogram [24, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:17:15,570 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Ended with exit code 0 [2023-12-02 16:17:15,765 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,8 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:17:15,766 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:17:15,766 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:17:15,766 INFO L85 PathProgramCache]: Analyzing trace with hash -2082771480, now seen corresponding path program 1 times [2023-12-02 16:17:15,766 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:17:15,766 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [442619714] [2023-12-02 16:17:15,766 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:17:15,766 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:17:15,804 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:17:15,804 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [536502680] [2023-12-02 16:17:15,805 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:17:15,805 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:17:15,805 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:17:15,806 INFO L229 MonitoredProcess]: Starting monitored process 9 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:17:15,821 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Waiting until timeout for monitored process [2023-12-02 16:17:16,050 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:17:16,054 INFO L262 TraceCheckSpWp]: Trace formula consists of 899 conjuncts, 33 conjunts are in the unsatisfiable core [2023-12-02 16:17:16,057 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:17:16,117 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|)) is different from true [2023-12-02 16:17:16,132 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2023-12-02 16:17:16,132 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2023-12-02 16:17:16,161 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2023-12-02 16:17:16,161 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2023-12-02 16:17:16,172 INFO L134 CoverageAnalysis]: Checked inductivity of 495 backedges. 260 proven. 2 refuted. 0 times theorem prover too weak. 179 trivial. 54 not checked. [2023-12-02 16:17:16,172 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:17:16,432 INFO L349 Elim1Store]: treesize reduction 5, result has 37.5 percent of original size [2023-12-02 16:17:16,433 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 11 [2023-12-02 16:17:16,444 INFO L134 CoverageAnalysis]: Checked inductivity of 495 backedges. 260 proven. 56 refuted. 0 times theorem prover too weak. 179 trivial. 0 not checked. [2023-12-02 16:17:16,444 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:17:16,444 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [442619714] [2023-12-02 16:17:16,444 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:17:16,445 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [536502680] [2023-12-02 16:17:16,445 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [536502680] provided 0 perfect and 2 imperfect interpolant sequences [2023-12-02 16:17:16,445 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1175990963] [2023-12-02 16:17:16,447 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2023-12-02 16:17:16,447 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:17:16,448 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:17:16,448 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:17:16,448 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:17:17,218 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 15 for LOIs [2023-12-02 16:17:17,379 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:17:18,692 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4943#(and (not (= (select |#valid| |ULTIMATE.start_l4_insert_~list#1.base|) 1)) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (exists ((|v_#memory_$Pointer$.offset_279| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_279| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_279| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (exists ((|v_#memory_int_244| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_244| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_244| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (exists ((|v_#memory_$Pointer$.base_279| (Array Int (Array Int Int)))) (= (store |v_#memory_$Pointer$.base_279| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_279| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))) |#memory_$Pointer$.base|)))' at error location [2023-12-02 16:17:18,692 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:17:18,692 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2023-12-02 16:17:18,693 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 9] total 12 [2023-12-02 16:17:18,693 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1110752728] [2023-12-02 16:17:18,693 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2023-12-02 16:17:18,693 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 13 states [2023-12-02 16:17:18,693 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:17:18,694 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2023-12-02 16:17:18,694 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=68, Invalid=535, Unknown=1, NotChecked=46, Total=650 [2023-12-02 16:17:18,694 INFO L87 Difference]: Start difference. First operand 208 states and 255 transitions. Second operand has 13 states, 11 states have (on average 3.0) internal successors, (33), 11 states have internal predecessors, (33), 2 states have call successors, (8), 3 states have call predecessors, (8), 4 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) [2023-12-02 16:17:19,141 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:17:19,142 INFO L93 Difference]: Finished difference Result 205 states and 249 transitions. [2023-12-02 16:17:19,142 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2023-12-02 16:17:19,142 INFO L78 Accepts]: Start accepts. Automaton has has 13 states, 11 states have (on average 3.0) internal successors, (33), 11 states have internal predecessors, (33), 2 states have call successors, (8), 3 states have call predecessors, (8), 4 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) Word has length 73 [2023-12-02 16:17:19,143 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:17:19,144 INFO L225 Difference]: With dead ends: 205 [2023-12-02 16:17:19,144 INFO L226 Difference]: Without dead ends: 205 [2023-12-02 16:17:19,144 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 222 GetRequests, 181 SyntacticMatches, 14 SemanticMatches, 27 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 148 ImplicationChecksByTransitivity, 1.5s TimeCoverageRelationStatistics Valid=84, Invalid=675, Unknown=1, NotChecked=52, Total=812 [2023-12-02 16:17:19,145 INFO L413 NwaCegarLoop]: 117 mSDtfsCounter, 31 mSDsluCounter, 795 mSDsCounter, 0 mSdLazyCounter, 722 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 31 SdHoareTripleChecker+Valid, 912 SdHoareTripleChecker+Invalid, 884 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 722 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 152 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2023-12-02 16:17:19,145 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [31 Valid, 912 Invalid, 884 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 722 Invalid, 0 Unknown, 152 Unchecked, 0.4s Time] [2023-12-02 16:17:19,145 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 205 states. [2023-12-02 16:17:19,149 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 205 to 205. [2023-12-02 16:17:19,149 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 205 states, 127 states have (on average 1.7716535433070866) internal successors, (225), 188 states have internal predecessors, (225), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2023-12-02 16:17:19,150 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 205 states to 205 states and 249 transitions. [2023-12-02 16:17:19,150 INFO L78 Accepts]: Start accepts. Automaton has 205 states and 249 transitions. Word has length 73 [2023-12-02 16:17:19,151 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:17:19,151 INFO L495 AbstractCegarLoop]: Abstraction has 205 states and 249 transitions. [2023-12-02 16:17:19,151 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 13 states, 11 states have (on average 3.0) internal successors, (33), 11 states have internal predecessors, (33), 2 states have call successors, (8), 3 states have call predecessors, (8), 4 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) [2023-12-02 16:17:19,151 INFO L276 IsEmpty]: Start isEmpty. Operand 205 states and 249 transitions. [2023-12-02 16:17:19,152 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 74 [2023-12-02 16:17:19,152 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:17:19,152 INFO L195 NwaCegarLoop]: trace histogram [24, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:17:19,158 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Ended with exit code 0 [2023-12-02 16:17:19,352 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,9 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:17:19,353 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:17:19,353 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:17:19,353 INFO L85 PathProgramCache]: Analyzing trace with hash -2082771479, now seen corresponding path program 1 times [2023-12-02 16:17:19,353 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:17:19,353 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1659881719] [2023-12-02 16:17:19,353 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:17:19,353 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:17:19,384 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:17:19,384 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [337101973] [2023-12-02 16:17:19,385 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:17:19,385 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:17:19,385 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:17:19,386 INFO L229 MonitoredProcess]: Starting monitored process 10 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:17:19,388 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (10)] Waiting until timeout for monitored process [2023-12-02 16:17:19,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:17:19,925 INFO L262 TraceCheckSpWp]: Trace formula consists of 899 conjuncts, 68 conjunts are in the unsatisfiable core [2023-12-02 16:17:19,928 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:17:19,957 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2023-12-02 16:17:20,328 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2023-12-02 16:17:20,472 INFO L190 IndexEqualityManager]: detected not equals via solver [2023-12-02 16:17:20,472 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2023-12-02 16:17:20,482 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2023-12-02 16:17:20,483 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2023-12-02 16:17:20,521 INFO L134 CoverageAnalysis]: Checked inductivity of 495 backedges. 197 proven. 134 refuted. 0 times theorem prover too weak. 148 trivial. 16 not checked. [2023-12-02 16:17:20,522 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:17:20,625 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:17:20,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1659881719] [2023-12-02 16:17:20,625 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:17:20,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [337101973] [2023-12-02 16:17:20,625 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [337101973] provided 0 perfect and 1 imperfect interpolant sequences [2023-12-02 16:17:20,626 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1019204602] [2023-12-02 16:17:20,628 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2023-12-02 16:17:20,628 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:17:20,628 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:17:20,628 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:17:20,629 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:17:22,797 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2023-12-02 16:17:22,985 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:18:05,986 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '5624#(and (<= (select |#length| |ULTIMATE.start_l4_insert_~list#1.base|) 3) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l4_insert_~item~0#1.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (= |ULTIMATE.start_l4_insert_#in~list#1.offset| 0) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (= 4 |ULTIMATE.start_l3_insert_#in~list#1.offset|) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (= 0 |ULTIMATE.start_l4_insert_~list#1.offset|) (or (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (= |ULTIMATE.start_l4_insert_~list#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l0_insert_~item~4#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_148| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_148| 3) 0) 0)) (exists ((|v_old(#memory_int)_AFTER_CALL_100| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_100| 1) 1) 0) (= 48 (select (select |v_old(#memory_int)_AFTER_CALL_100| 1) 0)))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (exists ((|v_#length_BEFORE_CALL_152| (Array Int Int))) (and (= (select |v_#length_BEFORE_CALL_152| 2) 14) (= (select |v_#length_BEFORE_CALL_152| 3) 4) (= (select |v_#length_BEFORE_CALL_152| 1) 2))) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_148| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_148| 3) 0) 0)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= |ULTIMATE.start_l1_insert_~item~3#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_235| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_123| Int)) (and (or (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_235| 0) (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_235|)) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_123| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_235| 4294967296))))) (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (= |ULTIMATE.start_l4_insert_~list#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l0_insert_~item~4#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_old(#memory_int)_AFTER_CALL_101| (Array Int (Array Int Int)))) (and (= 48 (select (select |v_old(#memory_int)_AFTER_CALL_101| 1) 0)) (= (select (select |v_old(#memory_int)_AFTER_CALL_101| 1) 1) 0))) (exists ((|v_#length_BEFORE_CALL_154| (Array Int Int))) (and (= 14 (select |v_#length_BEFORE_CALL_154| 2)) (= (select |v_#length_BEFORE_CALL_154| 3) 4) (= 2 (select |v_#length_BEFORE_CALL_154| 1)))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_150| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_150| 3) 0) 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_150| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_150| 3) 0) 0)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= |ULTIMATE.start_l1_insert_~item~3#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_235| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_123| Int)) (and (or (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_235| 0) (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_235|)) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_123| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_235| 4294967296)))))) (<= 8 (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= |ULTIMATE.start_l2_insert_#in~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (exists ((|v_#memory_$Pointer$.offset_294| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_294| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_294| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 0)))) (exists ((|v_#memory_int_259| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_259| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_259| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (exists ((|v_#memory_$Pointer$.base_294| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_294| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_294| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= 4 |ULTIMATE.start_l1_insert_#in~list#1.offset|) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0))' at error location [2023-12-02 16:18:05,986 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:18:05,987 INFO L185 FreeRefinementEngine]: Found 0 perfect and 1 imperfect interpolant sequences. [2023-12-02 16:18:05,987 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [23] total 23 [2023-12-02 16:18:05,987 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1803320463] [2023-12-02 16:18:05,987 INFO L85 oduleStraightlineAll]: Using 1 imperfect interpolants to construct interpolant automaton [2023-12-02 16:18:05,987 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 23 states [2023-12-02 16:18:05,988 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:18:05,988 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2023-12-02 16:18:05,989 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=198, Invalid=1946, Unknown=22, NotChecked=90, Total=2256 [2023-12-02 16:18:05,989 INFO L87 Difference]: Start difference. First operand 205 states and 249 transitions. Second operand has 23 states, 21 states have (on average 1.8571428571428572) internal successors, (39), 20 states have internal predecessors, (39), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:18:08,019 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:18:12,596 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:18:14,751 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.01s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:18:15,530 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:18:15,530 INFO L93 Difference]: Finished difference Result 219 states and 277 transitions. [2023-12-02 16:18:15,531 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2023-12-02 16:18:15,531 INFO L78 Accepts]: Start accepts. Automaton has has 23 states, 21 states have (on average 1.8571428571428572) internal successors, (39), 20 states have internal predecessors, (39), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 73 [2023-12-02 16:18:15,531 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:18:15,533 INFO L225 Difference]: With dead ends: 219 [2023-12-02 16:18:15,534 INFO L226 Difference]: Without dead ends: 217 [2023-12-02 16:18:15,535 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 158 GetRequests, 97 SyntacticMatches, 6 SemanticMatches, 55 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 821 ImplicationChecksByTransitivity, 45.9s TimeCoverageRelationStatistics Valid=262, Invalid=2797, Unknown=25, NotChecked=108, Total=3192 [2023-12-02 16:18:15,535 INFO L413 NwaCegarLoop]: 126 mSDtfsCounter, 12 mSDsluCounter, 1237 mSDsCounter, 0 mSdLazyCounter, 1164 mSolverCounterSat, 6 mSolverCounterUnsat, 3 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 7.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 12 SdHoareTripleChecker+Valid, 1363 SdHoareTripleChecker+Invalid, 1341 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 1164 IncrementalHoareTripleChecker+Invalid, 3 IncrementalHoareTripleChecker+Unknown, 168 IncrementalHoareTripleChecker+Unchecked, 7.1s IncrementalHoareTripleChecker+Time [2023-12-02 16:18:15,535 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [12 Valid, 1363 Invalid, 1341 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 1164 Invalid, 3 Unknown, 168 Unchecked, 7.1s Time] [2023-12-02 16:18:15,536 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 217 states. [2023-12-02 16:18:15,544 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 217 to 217. [2023-12-02 16:18:15,545 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 217 states, 133 states have (on average 1.7669172932330828) internal successors, (235), 198 states have internal predecessors, (235), 14 states have call successors, (14), 4 states have call predecessors, (14), 8 states have return successors, (26), 14 states have call predecessors, (26), 14 states have call successors, (26) [2023-12-02 16:18:15,546 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 217 states to 217 states and 275 transitions. [2023-12-02 16:18:15,546 INFO L78 Accepts]: Start accepts. Automaton has 217 states and 275 transitions. Word has length 73 [2023-12-02 16:18:15,546 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:18:15,546 INFO L495 AbstractCegarLoop]: Abstraction has 217 states and 275 transitions. [2023-12-02 16:18:15,546 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 23 states, 21 states have (on average 1.8571428571428572) internal successors, (39), 20 states have internal predecessors, (39), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:18:15,546 INFO L276 IsEmpty]: Start isEmpty. Operand 217 states and 275 transitions. [2023-12-02 16:18:15,548 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 75 [2023-12-02 16:18:15,548 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:18:15,548 INFO L195 NwaCegarLoop]: trace histogram [25, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:18:15,559 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (10)] Forceful destruction successful, exit code 0 [2023-12-02 16:18:15,751 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 10 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2023-12-02 16:18:15,752 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:18:15,752 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:18:15,752 INFO L85 PathProgramCache]: Analyzing trace with hash 1932776940, now seen corresponding path program 2 times [2023-12-02 16:18:15,752 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:18:15,752 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1240632399] [2023-12-02 16:18:15,752 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:18:15,753 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:18:15,785 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:18:15,785 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [1921709547] [2023-12-02 16:18:15,785 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2023-12-02 16:18:15,785 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:18:15,785 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:18:15,786 INFO L229 MonitoredProcess]: Starting monitored process 11 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:18:15,789 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (11)] Waiting until timeout for monitored process [2023-12-02 16:18:16,206 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 3 check-sat command(s) [2023-12-02 16:18:16,206 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2023-12-02 16:18:16,209 INFO L262 TraceCheckSpWp]: Trace formula consists of 377 conjuncts, 28 conjunts are in the unsatisfiable core [2023-12-02 16:18:16,211 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:18:16,223 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2023-12-02 16:18:16,276 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 22 treesize of output 16 [2023-12-02 16:18:16,375 INFO L134 CoverageAnalysis]: Checked inductivity of 525 backedges. 145 proven. 10 refuted. 0 times theorem prover too weak. 370 trivial. 0 not checked. [2023-12-02 16:18:16,375 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:18:16,798 INFO L134 CoverageAnalysis]: Checked inductivity of 525 backedges. 145 proven. 10 refuted. 0 times theorem prover too weak. 370 trivial. 0 not checked. [2023-12-02 16:18:16,798 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:18:16,798 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1240632399] [2023-12-02 16:18:16,798 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:18:16,798 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1921709547] [2023-12-02 16:18:16,799 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1921709547] provided 0 perfect and 2 imperfect interpolant sequences [2023-12-02 16:18:16,799 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [338504840] [2023-12-02 16:18:16,801 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2023-12-02 16:18:16,801 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:18:16,801 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:18:16,801 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:18:16,802 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:18:19,004 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2023-12-02 16:18:19,163 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:18:26,389 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6556#(and (or (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_180| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_180| 3) 0) 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (= |ULTIMATE.start_l4_insert_~list#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (exists ((|v_#length_BEFORE_CALL_184| (Array Int Int))) (and (= 2 (select |v_#length_BEFORE_CALL_184| 1)) (= (select |v_#length_BEFORE_CALL_184| 3) 4) (= (select |v_#length_BEFORE_CALL_184| 2) 14))) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_147| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_297| Int)) (and (or (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_297| 0) (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_297|)) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_147| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_297| 4294967296)))) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l0_insert_~item~4#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (exists ((|v_old(#memory_int)_AFTER_CALL_119| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_119| 1) 1) 0) (= (select (select |v_old(#memory_int)_AFTER_CALL_119| 1) 0) 48))) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_180| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_180| 3) 0) 0)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= |ULTIMATE.start_l1_insert_~item~3#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|)) (and (exists ((|v_old(#memory_int)_AFTER_CALL_118| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_118| 1) 1) 0) (= (select (select |v_old(#memory_int)_AFTER_CALL_118| 1) 0) 48))) (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (= |ULTIMATE.start_l4_insert_~list#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |ULTIMATE.start_l4_insert_#in~list#1.base|) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_147| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_297| Int)) (and (or (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_297| 0) (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_297|)) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_147| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_297| 4294967296)))) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_178| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_178| 3) 0) 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l0_insert_~item~4#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (exists ((|v_#length_BEFORE_CALL_182| (Array Int Int))) (and (= 14 (select |v_#length_BEFORE_CALL_182| 2)) (= (select |v_#length_BEFORE_CALL_182| 3) 4) (= 2 (select |v_#length_BEFORE_CALL_182| 1)))) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_178| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_178| 3) 0) 0)) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= |ULTIMATE.start_l1_insert_~item~3#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|))) (<= (select |#length| |ULTIMATE.start_l4_insert_~list#1.base|) 3) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l4_insert_~item~0#1.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (= |ULTIMATE.start_l4_insert_#in~list#1.offset| 0) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (= 4 |ULTIMATE.start_l3_insert_#in~list#1.offset|) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (exists ((|v_#memory_$Pointer$.offset_344| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_344| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_344| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 0)))) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (= 0 |ULTIMATE.start_l4_insert_~list#1.offset|) (<= 8 (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= |ULTIMATE.start_l2_insert_#in~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (exists ((|v_#memory_$Pointer$.base_344| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_344| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_344| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (exists ((|v_#memory_int_309| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_309| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_309| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= 4 |ULTIMATE.start_l1_insert_#in~list#1.offset|) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0))' at error location [2023-12-02 16:18:26,390 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:18:26,390 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2023-12-02 16:18:26,390 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9] total 16 [2023-12-02 16:18:26,390 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [383955626] [2023-12-02 16:18:26,390 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2023-12-02 16:18:26,391 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2023-12-02 16:18:26,391 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:18:26,391 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2023-12-02 16:18:26,392 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=210, Invalid=1260, Unknown=12, NotChecked=0, Total=1482 [2023-12-02 16:18:26,392 INFO L87 Difference]: Start difference. First operand 217 states and 275 transitions. Second operand has 16 states, 14 states have (on average 2.4285714285714284) internal successors, (34), 16 states have internal predecessors, (34), 1 states have call successors, (6), 1 states have call predecessors, (6), 3 states have return successors, (7), 2 states have call predecessors, (7), 1 states have call successors, (7) [2023-12-02 16:18:28,385 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:18:28,385 INFO L93 Difference]: Finished difference Result 225 states and 277 transitions. [2023-12-02 16:18:28,385 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2023-12-02 16:18:28,385 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 14 states have (on average 2.4285714285714284) internal successors, (34), 16 states have internal predecessors, (34), 1 states have call successors, (6), 1 states have call predecessors, (6), 3 states have return successors, (7), 2 states have call predecessors, (7), 1 states have call successors, (7) Word has length 74 [2023-12-02 16:18:28,385 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:18:28,387 INFO L225 Difference]: With dead ends: 225 [2023-12-02 16:18:28,387 INFO L226 Difference]: Without dead ends: 219 [2023-12-02 16:18:28,388 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 236 GetRequests, 177 SyntacticMatches, 6 SemanticMatches, 53 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 769 ImplicationChecksByTransitivity, 9.0s TimeCoverageRelationStatistics Valid=435, Invalid=2519, Unknown=16, NotChecked=0, Total=2970 [2023-12-02 16:18:28,389 INFO L413 NwaCegarLoop]: 123 mSDtfsCounter, 33 mSDsluCounter, 1112 mSDsCounter, 0 mSdLazyCounter, 495 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 33 SdHoareTripleChecker+Valid, 1235 SdHoareTripleChecker+Invalid, 516 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 495 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2023-12-02 16:18:28,389 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [33 Valid, 1235 Invalid, 516 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 495 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2023-12-02 16:18:28,390 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 219 states. [2023-12-02 16:18:28,394 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 219 to 219. [2023-12-02 16:18:28,395 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 219 states, 141 states have (on average 1.6950354609929077) internal successors, (239), 202 states have internal predecessors, (239), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2023-12-02 16:18:28,396 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 219 states to 219 states and 263 transitions. [2023-12-02 16:18:28,396 INFO L78 Accepts]: Start accepts. Automaton has 219 states and 263 transitions. Word has length 74 [2023-12-02 16:18:28,396 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:18:28,396 INFO L495 AbstractCegarLoop]: Abstraction has 219 states and 263 transitions. [2023-12-02 16:18:28,396 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 14 states have (on average 2.4285714285714284) internal successors, (34), 16 states have internal predecessors, (34), 1 states have call successors, (6), 1 states have call predecessors, (6), 3 states have return successors, (7), 2 states have call predecessors, (7), 1 states have call successors, (7) [2023-12-02 16:18:28,396 INFO L276 IsEmpty]: Start isEmpty. Operand 219 states and 263 transitions. [2023-12-02 16:18:28,397 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2023-12-02 16:18:28,397 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:18:28,398 INFO L195 NwaCegarLoop]: trace histogram [35, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:18:28,405 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (11)] Forceful destruction successful, exit code 0 [2023-12-02 16:18:28,598 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,11 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:18:28,598 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:18:28,599 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:18:28,599 INFO L85 PathProgramCache]: Analyzing trace with hash -1280441928, now seen corresponding path program 3 times [2023-12-02 16:18:28,599 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:18:28,599 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [108210727] [2023-12-02 16:18:28,599 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:18:28,599 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:18:28,648 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:18:28,648 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [252535366] [2023-12-02 16:18:28,648 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2023-12-02 16:18:28,649 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:18:28,649 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:18:28,650 INFO L229 MonitoredProcess]: Starting monitored process 12 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:18:28,651 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (12)] Waiting until timeout for monitored process [2023-12-02 16:18:30,357 INFO L228 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2023-12-02 16:18:30,358 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2023-12-02 16:18:30,365 INFO L262 TraceCheckSpWp]: Trace formula consists of 1064 conjuncts, 76 conjunts are in the unsatisfiable core [2023-12-02 16:18:30,369 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:18:30,392 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2023-12-02 16:18:30,399 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2023-12-02 16:18:36,891 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= |c_#valid| (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2023-12-02 16:18:36,946 INFO L190 IndexEqualityManager]: detected not equals via solver [2023-12-02 16:18:36,947 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2023-12-02 16:18:36,965 INFO L349 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2023-12-02 16:18:36,966 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 16 [2023-12-02 16:18:36,989 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_calloc_model_~ptr~0#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_calloc_model_~ptr~0#1.base| (select |c_#length| |zalloc_or_die_calloc_model_~ptr~0#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_calloc_model_~ptr~0#1.base|) 0))) is different from true [2023-12-02 16:18:37,058 INFO L190 IndexEqualityManager]: detected not equals via solver [2023-12-02 16:18:37,059 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2023-12-02 16:18:37,073 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2023-12-02 16:18:37,073 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2023-12-02 16:18:37,126 INFO L134 CoverageAnalysis]: Checked inductivity of 880 backedges. 361 proven. 97 refuted. 0 times theorem prover too weak. 177 trivial. 245 not checked. [2023-12-02 16:18:37,127 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:18:37,236 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:18:37,236 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [108210727] [2023-12-02 16:18:37,236 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:18:37,236 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [252535366] [2023-12-02 16:18:37,236 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [252535366] provided 0 perfect and 1 imperfect interpolant sequences [2023-12-02 16:18:37,236 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [401646098] [2023-12-02 16:18:37,238 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2023-12-02 16:18:37,238 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:18:37,238 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:18:37,238 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:18:37,238 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:18:37,859 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 15 for LOIs [2023-12-02 16:18:38,027 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:18:52,101 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '7336#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (exists ((|v_#memory_$Pointer$.base_364| (Array Int (Array Int Int)))) (= (store |v_#memory_$Pointer$.base_364| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_364| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))) |#memory_$Pointer$.base|)) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (exists ((|v_#memory_int_329| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_329| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_329| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (exists ((|v_#memory_$Pointer$.offset_364| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_364| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_364| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (or (< |ULTIMATE.start_l4_insert_~list#1.offset| 0) (< (select |#length| |ULTIMATE.start_l4_insert_~list#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~list#1.offset|))))' at error location [2023-12-02 16:18:52,101 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:18:52,101 INFO L185 FreeRefinementEngine]: Found 0 perfect and 1 imperfect interpolant sequences. [2023-12-02 16:18:52,101 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [20] total 20 [2023-12-02 16:18:52,102 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1150433108] [2023-12-02 16:18:52,102 INFO L85 oduleStraightlineAll]: Using 1 imperfect interpolants to construct interpolant automaton [2023-12-02 16:18:52,102 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 21 states [2023-12-02 16:18:52,102 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:18:52,103 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2023-12-02 16:18:52,104 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=95, Invalid=1029, Unknown=6, NotChecked=130, Total=1260 [2023-12-02 16:18:52,104 INFO L87 Difference]: Start difference. First operand 219 states and 263 transitions. Second operand has 21 states, 19 states have (on average 2.210526315789474) internal successors, (42), 19 states have internal predecessors, (42), 2 states have call successors, (6), 2 states have call predecessors, (6), 4 states have return successors, (6), 4 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:18:54,139 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:18:56,259 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:19:00,347 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:19:04,439 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:19:08,533 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:19:10,627 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:19:13,999 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:19:13,999 INFO L93 Difference]: Finished difference Result 217 states and 259 transitions. [2023-12-02 16:19:14,000 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2023-12-02 16:19:14,001 INFO L78 Accepts]: Start accepts. Automaton has has 21 states, 19 states have (on average 2.210526315789474) internal successors, (42), 19 states have internal predecessors, (42), 2 states have call successors, (6), 2 states have call predecessors, (6), 4 states have return successors, (6), 4 states have call predecessors, (6), 2 states have call successors, (6) Word has length 84 [2023-12-02 16:19:14,001 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:19:14,002 INFO L225 Difference]: With dead ends: 217 [2023-12-02 16:19:14,002 INFO L226 Difference]: Without dead ends: 217 [2023-12-02 16:19:14,003 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 179 GetRequests, 130 SyntacticMatches, 6 SemanticMatches, 43 ConstructedPredicates, 2 IntricatePredicates, 0 DeprecatedPredicates, 391 ImplicationChecksByTransitivity, 29.2s TimeCoverageRelationStatistics Valid=142, Invalid=1662, Unknown=10, NotChecked=166, Total=1980 [2023-12-02 16:19:14,004 INFO L413 NwaCegarLoop]: 115 mSDtfsCounter, 24 mSDsluCounter, 1050 mSDsCounter, 0 mSdLazyCounter, 1171 mSolverCounterSat, 9 mSolverCounterUnsat, 6 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 13.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 24 SdHoareTripleChecker+Valid, 1165 SdHoareTripleChecker+Invalid, 1484 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 1171 IncrementalHoareTripleChecker+Invalid, 6 IncrementalHoareTripleChecker+Unknown, 298 IncrementalHoareTripleChecker+Unchecked, 13.2s IncrementalHoareTripleChecker+Time [2023-12-02 16:19:14,004 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [24 Valid, 1165 Invalid, 1484 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 1171 Invalid, 6 Unknown, 298 Unchecked, 13.2s Time] [2023-12-02 16:19:14,005 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 217 states. [2023-12-02 16:19:14,010 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 217 to 217. [2023-12-02 16:19:14,010 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 217 states, 141 states have (on average 1.6666666666666667) internal successors, (235), 200 states have internal predecessors, (235), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2023-12-02 16:19:14,011 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 217 states to 217 states and 259 transitions. [2023-12-02 16:19:14,012 INFO L78 Accepts]: Start accepts. Automaton has 217 states and 259 transitions. Word has length 84 [2023-12-02 16:19:14,012 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:19:14,012 INFO L495 AbstractCegarLoop]: Abstraction has 217 states and 259 transitions. [2023-12-02 16:19:14,012 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 21 states, 19 states have (on average 2.210526315789474) internal successors, (42), 19 states have internal predecessors, (42), 2 states have call successors, (6), 2 states have call predecessors, (6), 4 states have return successors, (6), 4 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:19:14,012 INFO L276 IsEmpty]: Start isEmpty. Operand 217 states and 259 transitions. [2023-12-02 16:19:14,013 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 89 [2023-12-02 16:19:14,013 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:19:14,014 INFO L195 NwaCegarLoop]: trace histogram [35, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:19:14,030 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (12)] Forceful destruction successful, exit code 0 [2023-12-02 16:19:14,214 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,12 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:19:14,214 INFO L420 AbstractCegarLoop]: === Iteration 13 === Targeting ULTIMATE.startErr8REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:19:14,214 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:19:14,215 INFO L85 PathProgramCache]: Analyzing trace with hash 1164531551, now seen corresponding path program 1 times [2023-12-02 16:19:14,215 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:19:14,215 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1887362369] [2023-12-02 16:19:14,215 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:19:14,215 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:19:14,256 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:19:14,256 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [474303179] [2023-12-02 16:19:14,256 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:19:14,256 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:19:14,257 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:19:14,258 INFO L229 MonitoredProcess]: Starting monitored process 13 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:19:14,259 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (13)] Waiting until timeout for monitored process [2023-12-02 16:19:14,581 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:19:14,586 INFO L262 TraceCheckSpWp]: Trace formula consists of 1108 conjuncts, 48 conjunts are in the unsatisfiable core [2023-12-02 16:19:14,590 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:19:14,641 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= |c_#valid| (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2023-12-02 16:19:14,674 INFO L349 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2023-12-02 16:19:14,674 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 16 [2023-12-02 16:19:14,719 INFO L349 Elim1Store]: treesize reduction 13, result has 40.9 percent of original size [2023-12-02 16:19:14,720 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 14 treesize of output 13 [2023-12-02 16:19:14,761 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|)) is different from true [2023-12-02 16:19:14,784 INFO L349 Elim1Store]: treesize reduction 11, result has 45.0 percent of original size [2023-12-02 16:19:14,785 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 16 treesize of output 22 [2023-12-02 16:19:14,830 INFO L134 CoverageAnalysis]: Checked inductivity of 880 backedges. 381 proven. 41 refuted. 0 times theorem prover too weak. 175 trivial. 283 not checked. [2023-12-02 16:19:14,830 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:19:15,307 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:19:15,307 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1887362369] [2023-12-02 16:19:15,308 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:19:15,308 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [474303179] [2023-12-02 16:19:15,308 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [474303179] provided 0 perfect and 1 imperfect interpolant sequences [2023-12-02 16:19:15,308 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [528039279] [2023-12-02 16:19:15,309 INFO L159 IcfgInterpreter]: Started Sifa with 29 locations of interest [2023-12-02 16:19:15,309 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:19:15,310 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:19:15,310 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:19:15,310 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:19:17,793 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2023-12-02 16:19:17,955 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:19:29,413 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '8197#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (= 4 |ULTIMATE.start_l3_insert_#in~list#1.offset|) (not (= (select |#valid| |ULTIMATE.start_l3_insert_~list#1.base|) 1)) (= 3 |~#list~0.base|) (exists ((|v_#memory_$Pointer$.base_419| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.base_418| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.offset_418| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l4_insert_#in~list#1.base_12| Int) (|v_#memory_int_385| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l4_insert_~list#1.base_20| Int) (|v_#memory_int_384| (Array Int (Array Int Int))) (|v_#memory_int_383| (Array Int (Array Int Int)))) (and (= (select |#valid| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 1) (= |v_#memory_int_385| (store |v_#memory_int_384| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0) (store (select |v_#memory_int_384| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 0 (select (select |v_#memory_int_385| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 0)))) (= (select |#valid| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 1) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0))) (<= 4 (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_20|)) (= |v_#memory_$Pointer$.base_419| (store |v_#memory_$Pointer$.base_418| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0) (store (select |v_#memory_$Pointer$.base_418| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 4 (select (select |v_#memory_$Pointer$.base_419| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 4)))) (= (store |v_#memory_int_383| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0) (store (select |v_#memory_int_383| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 4 (select (select |v_#memory_int_384| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 4))) |v_#memory_int_384|) (= (store (store |v_#memory_$Pointer$.base_419| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0) (store (select |v_#memory_$Pointer$.base_419| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 0 (select (select |v_#memory_$Pointer$.base_419| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_20| (store (select (store |v_#memory_$Pointer$.base_419| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0) (store (select |v_#memory_$Pointer$.base_419| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 0 (select (select |v_#memory_$Pointer$.base_419| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0 (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0))) |#memory_$Pointer$.base|) (= |#memory_$Pointer$.offset| (store (store |v_#memory_$Pointer$.offset_418| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0) (store (store (select |v_#memory_$Pointer$.offset_418| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 4 0) 0 (select (select (store |v_#memory_$Pointer$.offset_418| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0) (store (select |v_#memory_$Pointer$.offset_418| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 4 0)) |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_20| (store (select (store |v_#memory_$Pointer$.offset_418| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0) (store (store (select |v_#memory_$Pointer$.offset_418| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 4 0) 0 (select (select (store |v_#memory_$Pointer$.offset_418| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0) (store (select |v_#memory_$Pointer$.offset_418| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 4 0)) |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0 0))) (or (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= (select (select |v_#memory_$Pointer$.base_419| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 4) 0)) (exists ((|v_#length_BEFORE_CALL_248| (Array Int Int))) (and (= (select |v_#length_BEFORE_CALL_248| 3) 4) (= 14 (select |v_#length_BEFORE_CALL_248| 2)) (= (select |v_#length_BEFORE_CALL_248| 1) 2))) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (= |v_ULTIMATE.start_l4_insert_#in~list#1.base_12| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_240| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_240| 3) 0) 0)) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0) 0)) (= |v_ULTIMATE.start_l4_insert_#in~list#1.base_12| |ULTIMATE.start_l3_insert_~item~1#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l0_insert_~item~4#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_380| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_165| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_165| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_380| 4294967296)) (or (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_380| 0) (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_380|)))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_240| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_240| 3) 0) 0)) (exists ((|v_old(#memory_int)_AFTER_CALL_155| (Array Int (Array Int Int)))) (and (= 48 (select (select |v_old(#memory_int)_AFTER_CALL_155| 1) 0)) (= (select (select |v_old(#memory_int)_AFTER_CALL_155| 1) 1) 0))) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= |ULTIMATE.start_l1_insert_~item~3#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|)) (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_238| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_238| 3) 0) 0)) (not (= (select (select |v_#memory_$Pointer$.base_419| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)) 4) 0)) (exists ((|v_#length_BEFORE_CALL_246| (Array Int Int))) (and (= (select |v_#length_BEFORE_CALL_246| 3) 4) (= 14 (select |v_#length_BEFORE_CALL_246| 2)) (= (select |v_#length_BEFORE_CALL_246| 1) 2))) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (= |v_ULTIMATE.start_l4_insert_#in~list#1.base_12| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0) 0)) (= |v_ULTIMATE.start_l4_insert_#in~list#1.base_12| |ULTIMATE.start_l3_insert_~item~1#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l0_insert_~item~4#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (exists ((|v_old(#memory_int)_AFTER_CALL_154| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_154| 1) 1) 0) (= (select (select |v_old(#memory_int)_AFTER_CALL_154| 1) 0) 48))) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_380| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_165| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_165| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_380| 4294967296)) (or (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_380| 0) (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_380|)))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= |ULTIMATE.start_l1_insert_~item~3#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_238| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_238| 3) 0) 0)))) (= |#memory_int| (store |v_#memory_int_385| |v_ULTIMATE.start_l4_insert_~list#1.base_20| (store (select |v_#memory_int_385| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0 (select (select |#memory_int| |v_ULTIMATE.start_l4_insert_~list#1.base_20|) 0)))))) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (= |ULTIMATE.start_l2_insert_#in~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= 4 |ULTIMATE.start_l1_insert_#in~list#1.offset|) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0))' at error location [2023-12-02 16:19:29,413 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:19:29,413 INFO L185 FreeRefinementEngine]: Found 0 perfect and 1 imperfect interpolant sequences. [2023-12-02 16:19:29,413 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16] total 16 [2023-12-02 16:19:29,414 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1403921239] [2023-12-02 16:19:29,414 INFO L85 oduleStraightlineAll]: Using 1 imperfect interpolants to construct interpolant automaton [2023-12-02 16:19:29,414 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 17 states [2023-12-02 16:19:29,414 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:19:29,415 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2023-12-02 16:19:29,416 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=244, Invalid=2104, Unknown=12, NotChecked=190, Total=2550 [2023-12-02 16:19:29,416 INFO L87 Difference]: Start difference. First operand 217 states and 259 transitions. Second operand has 17 states, 13 states have (on average 3.230769230769231) internal successors, (42), 13 states have internal predecessors, (42), 3 states have call successors, (6), 2 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 3 states have call successors, (6) [2023-12-02 16:19:29,956 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:19:29,956 INFO L93 Difference]: Finished difference Result 214 states and 253 transitions. [2023-12-02 16:19:29,956 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2023-12-02 16:19:29,956 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 13 states have (on average 3.230769230769231) internal successors, (42), 13 states have internal predecessors, (42), 3 states have call successors, (6), 2 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 3 states have call successors, (6) Word has length 88 [2023-12-02 16:19:29,957 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:19:29,957 INFO L225 Difference]: With dead ends: 214 [2023-12-02 16:19:29,958 INFO L226 Difference]: Without dead ends: 214 [2023-12-02 16:19:29,958 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 217 GetRequests, 153 SyntacticMatches, 11 SemanticMatches, 53 ConstructedPredicates, 2 IntricatePredicates, 0 DeprecatedPredicates, 885 ImplicationChecksByTransitivity, 11.9s TimeCoverageRelationStatistics Valid=285, Invalid=2467, Unknown=12, NotChecked=206, Total=2970 [2023-12-02 16:19:29,959 INFO L413 NwaCegarLoop]: 110 mSDtfsCounter, 55 mSDsluCounter, 824 mSDsCounter, 0 mSdLazyCounter, 766 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 934 SdHoareTripleChecker+Invalid, 1076 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 766 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 293 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2023-12-02 16:19:29,959 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 934 Invalid, 1076 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 766 Invalid, 0 Unknown, 293 Unchecked, 0.4s Time] [2023-12-02 16:19:29,960 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 214 states. [2023-12-02 16:19:29,964 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 214 to 214. [2023-12-02 16:19:29,964 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 214 states, 141 states have (on average 1.624113475177305) internal successors, (229), 197 states have internal predecessors, (229), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2023-12-02 16:19:29,965 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 214 states to 214 states and 253 transitions. [2023-12-02 16:19:29,965 INFO L78 Accepts]: Start accepts. Automaton has 214 states and 253 transitions. Word has length 88 [2023-12-02 16:19:29,965 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:19:29,965 INFO L495 AbstractCegarLoop]: Abstraction has 214 states and 253 transitions. [2023-12-02 16:19:29,965 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 17 states, 13 states have (on average 3.230769230769231) internal successors, (42), 13 states have internal predecessors, (42), 3 states have call successors, (6), 2 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 3 states have call successors, (6) [2023-12-02 16:19:29,965 INFO L276 IsEmpty]: Start isEmpty. Operand 214 states and 253 transitions. [2023-12-02 16:19:29,966 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 89 [2023-12-02 16:19:29,966 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:19:29,966 INFO L195 NwaCegarLoop]: trace histogram [35, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:19:29,974 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (13)] Forceful destruction successful, exit code 0 [2023-12-02 16:19:30,166 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12,13 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:19:30,167 INFO L420 AbstractCegarLoop]: === Iteration 14 === Targeting ULTIMATE.startErr9REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:19:30,167 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:19:30,167 INFO L85 PathProgramCache]: Analyzing trace with hash 1164531552, now seen corresponding path program 1 times [2023-12-02 16:19:30,167 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:19:30,168 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [515827102] [2023-12-02 16:19:30,168 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:19:30,168 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:19:30,205 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:19:30,205 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [1683754296] [2023-12-02 16:19:30,206 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:19:30,206 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:19:30,206 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:19:30,206 INFO L229 MonitoredProcess]: Starting monitored process 14 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:19:30,207 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (14)] Waiting until timeout for monitored process [2023-12-02 16:19:31,069 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:19:31,076 INFO L262 TraceCheckSpWp]: Trace formula consists of 1108 conjuncts, 69 conjunts are in the unsatisfiable core [2023-12-02 16:19:31,079 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:19:31,107 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2023-12-02 16:19:31,479 WARN L876 $PredicateComparison]: unable to prove that (and (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) (exists ((|zalloc_or_die_calloc_model_~size#1| Int) (|zalloc_or_die_calloc_model_~nmemb#1| Int)) (= |c_zalloc_or_die_#Ultimate.C_memset_#amount#1| (* |zalloc_or_die_calloc_model_~nmemb#1| |zalloc_or_die_calloc_model_~size#1|)))) is different from true [2023-12-02 16:19:31,771 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2023-12-02 16:19:31,794 INFO L190 IndexEqualityManager]: detected not equals via solver [2023-12-02 16:19:31,794 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2023-12-02 16:19:31,800 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2023-12-02 16:19:31,801 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2023-12-02 16:19:33,811 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_calloc_model_~size#1| Int) (|zalloc_or_die_calloc_model_~nmemb#1| Int)) (let ((.cse0 (mod (* |zalloc_or_die_calloc_model_~nmemb#1| |zalloc_or_die_calloc_model_~size#1|) 4294967296))) (and (<= (select |c_#length| |c_ULTIMATE.start_l4_insert_~item~0#1.base|) .cse0) (<= .cse0 5)))) is different from true [2023-12-02 16:19:33,816 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 17 treesize of output 13 [2023-12-02 16:19:46,097 INFO L134 CoverageAnalysis]: Checked inductivity of 880 backedges. 362 proven. 221 refuted. 0 times theorem prover too weak. 209 trivial. 88 not checked. [2023-12-02 16:19:46,097 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:19:46,305 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:19:46,305 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [515827102] [2023-12-02 16:19:46,305 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:19:46,306 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1683754296] [2023-12-02 16:19:46,306 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1683754296] provided 0 perfect and 1 imperfect interpolant sequences [2023-12-02 16:19:46,306 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [860087992] [2023-12-02 16:19:46,308 INFO L159 IcfgInterpreter]: Started Sifa with 29 locations of interest [2023-12-02 16:19:46,308 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:19:46,309 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:19:46,309 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:19:46,309 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:19:47,023 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 15 for LOIs [2023-12-02 16:19:47,215 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:20:33,853 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '8975#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (= 3 |~#list~0.base|) (exists ((|v_ULTIMATE.start_l4_insert_~list#1.offset_19| Int) (|v_#memory_int_407| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.base_443| (Array Int (Array Int Int))) (|v_#memory_int_409| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.base_442| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.offset_442| (Array Int (Array Int Int))) (|v_#memory_int_408| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.offset_443| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l4_insert_~list#1.base_21| Int)) (and (= (store |v_#memory_int_407| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (store (select |v_#memory_int_407| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) 4) (select (select |v_#memory_int_408| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) 4)))) |v_#memory_int_408|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) 1) (= |#memory_$Pointer$.base| (store (store |v_#memory_$Pointer$.base_443| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (store (select |v_#memory_$Pointer$.base_443| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (select (select |v_#memory_$Pointer$.base_443| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|))) |v_ULTIMATE.start_l4_insert_~list#1.base_21| (store (select (store |v_#memory_$Pointer$.base_443| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (store (select |v_#memory_$Pointer$.base_443| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (select (select |v_#memory_$Pointer$.base_443| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|))) |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)))) (<= 0 |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (<= (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|))) (= |#memory_int| (store |v_#memory_int_409| |v_ULTIMATE.start_l4_insert_~list#1.base_21| (store (select |v_#memory_int_409| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19| (select (select |#memory_int| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)))) (= (store |v_#memory_$Pointer$.base_442| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (store (select |v_#memory_$Pointer$.base_442| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) 4) (select (select |v_#memory_$Pointer$.base_443| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) 4)))) |v_#memory_$Pointer$.base_443|) (<= 0 (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (= |#memory_$Pointer$.offset| (store (store |v_#memory_$Pointer$.offset_443| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (store (select |v_#memory_$Pointer$.offset_443| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (select (select |v_#memory_$Pointer$.offset_443| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|))) |v_ULTIMATE.start_l4_insert_~list#1.base_21| (store (select (store |v_#memory_$Pointer$.offset_443| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (store (select |v_#memory_$Pointer$.offset_443| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (select (select |v_#memory_$Pointer$.offset_443| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|))) |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19| (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)))) (<= (+ 4 |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_21|)) (= (store |v_#memory_$Pointer$.offset_442| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (store (select |v_#memory_$Pointer$.offset_442| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) 4) (select (select |v_#memory_$Pointer$.offset_443| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) 4)))) |v_#memory_$Pointer$.offset_443|) (= (store |v_#memory_int_408| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (store (select |v_#memory_int_408| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|) (select (select |v_#memory_int_409| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) |v_ULTIMATE.start_l4_insert_~list#1.offset_19|)))) |v_#memory_int_409|) (= (select |#valid| |v_ULTIMATE.start_l4_insert_~list#1.base_21|) 1))) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (or (< |ULTIMATE.start_l3_insert_~list#1.offset| 0) (< (select |#length| |ULTIMATE.start_l3_insert_~list#1.base|) (+ |ULTIMATE.start_l3_insert_~list#1.offset| 4))))' at error location [2023-12-02 16:20:33,853 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:20:33,853 INFO L185 FreeRefinementEngine]: Found 0 perfect and 1 imperfect interpolant sequences. [2023-12-02 16:20:33,853 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [29] total 29 [2023-12-02 16:20:33,854 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [195292270] [2023-12-02 16:20:33,854 INFO L85 oduleStraightlineAll]: Using 1 imperfect interpolants to construct interpolant automaton [2023-12-02 16:20:33,854 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 29 states [2023-12-02 16:20:33,854 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:20:33,855 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 29 interpolants. [2023-12-02 16:20:33,855 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=132, Invalid=1937, Unknown=13, NotChecked=270, Total=2352 [2023-12-02 16:20:33,856 INFO L87 Difference]: Start difference. First operand 214 states and 253 transitions. Second operand has 29 states, 27 states have (on average 1.7777777777777777) internal successors, (48), 26 states have internal predecessors, (48), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:20:35,897 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:20:37,910 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:20:41,996 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:20:46,083 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:20:50,178 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:20:54,319 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.03s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:20:58,467 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:02,577 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:06,690 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:10,802 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:12,929 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:14,944 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:16,963 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.02s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:18,972 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.01s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:21,117 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:23,646 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:26,270 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:28,378 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.01s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:30,841 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:32,936 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:34,993 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:21:37,182 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:21:37,182 INFO L93 Difference]: Finished difference Result 228 states and 277 transitions. [2023-12-02 16:21:37,182 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2023-12-02 16:21:37,183 INFO L78 Accepts]: Start accepts. Automaton has has 29 states, 27 states have (on average 1.7777777777777777) internal successors, (48), 26 states have internal predecessors, (48), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 88 [2023-12-02 16:21:37,183 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:21:37,184 INFO L225 Difference]: With dead ends: 228 [2023-12-02 16:21:37,185 INFO L226 Difference]: Without dead ends: 220 [2023-12-02 16:21:37,186 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 192 GetRequests, 129 SyntacticMatches, 7 SemanticMatches, 56 ConstructedPredicates, 3 IntricatePredicates, 0 DeprecatedPredicates, 798 ImplicationChecksByTransitivity, 80.3s TimeCoverageRelationStatistics Valid=204, Invalid=2764, Unknown=14, NotChecked=324, Total=3306 [2023-12-02 16:21:37,187 INFO L413 NwaCegarLoop]: 127 mSDtfsCounter, 13 mSDsluCounter, 1646 mSDsCounter, 0 mSdLazyCounter, 1313 mSolverCounterSat, 6 mSolverCounterUnsat, 21 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 44.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 13 SdHoareTripleChecker+Valid, 1773 SdHoareTripleChecker+Invalid, 1965 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 1313 IncrementalHoareTripleChecker+Invalid, 21 IncrementalHoareTripleChecker+Unknown, 625 IncrementalHoareTripleChecker+Unchecked, 44.5s IncrementalHoareTripleChecker+Time [2023-12-02 16:21:37,187 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [13 Valid, 1773 Invalid, 1965 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 1313 Invalid, 21 Unknown, 625 Unchecked, 44.5s Time] [2023-12-02 16:21:37,188 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 220 states. [2023-12-02 16:21:37,193 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 220 to 220. [2023-12-02 16:21:37,194 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 220 states, 144 states have (on average 1.625) internal successors, (234), 202 states have internal predecessors, (234), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2023-12-02 16:21:37,196 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 220 states to 220 states and 268 transitions. [2023-12-02 16:21:37,196 INFO L78 Accepts]: Start accepts. Automaton has 220 states and 268 transitions. Word has length 88 [2023-12-02 16:21:37,196 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:21:37,196 INFO L495 AbstractCegarLoop]: Abstraction has 220 states and 268 transitions. [2023-12-02 16:21:37,196 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 29 states, 27 states have (on average 1.7777777777777777) internal successors, (48), 26 states have internal predecessors, (48), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:21:37,197 INFO L276 IsEmpty]: Start isEmpty. Operand 220 states and 268 transitions. [2023-12-02 16:21:37,197 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 90 [2023-12-02 16:21:37,197 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:21:37,198 INFO L195 NwaCegarLoop]: trace histogram [36, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:21:37,216 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (14)] Ended with exit code 0 [2023-12-02 16:21:37,398 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13,14 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:21:37,398 INFO L420 AbstractCegarLoop]: === Iteration 15 === Targeting ULTIMATE.startErr9REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:21:37,399 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:21:37,399 INFO L85 PathProgramCache]: Analyzing trace with hash -659179739, now seen corresponding path program 2 times [2023-12-02 16:21:37,399 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:21:37,399 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1996430523] [2023-12-02 16:21:37,399 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:21:37,399 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:21:37,452 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:21:37,452 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [553804816] [2023-12-02 16:21:37,452 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2023-12-02 16:21:37,452 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:21:37,452 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:21:37,453 INFO L229 MonitoredProcess]: Starting monitored process 15 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:21:37,454 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (15)] Waiting until timeout for monitored process [2023-12-02 16:21:44,689 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 5 check-sat command(s) [2023-12-02 16:21:44,689 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2023-12-02 16:21:44,698 INFO L262 TraceCheckSpWp]: Trace formula consists of 715 conjuncts, 65 conjunts are in the unsatisfiable core [2023-12-02 16:21:44,701 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:21:44,714 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2023-12-02 16:21:45,124 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2023-12-02 16:21:45,189 INFO L190 IndexEqualityManager]: detected not equals via solver [2023-12-02 16:21:45,190 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 9 [2023-12-02 16:21:45,199 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2023-12-02 16:21:45,199 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2023-12-02 16:21:45,223 INFO L134 CoverageAnalysis]: Checked inductivity of 921 backedges. 461 proven. 21 refuted. 0 times theorem prover too weak. 359 trivial. 80 not checked. [2023-12-02 16:21:45,223 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:21:45,346 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:21:45,346 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1996430523] [2023-12-02 16:21:45,346 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:21:45,346 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [553804816] [2023-12-02 16:21:45,346 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [553804816] provided 0 perfect and 1 imperfect interpolant sequences [2023-12-02 16:21:45,346 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1155439357] [2023-12-02 16:21:45,348 INFO L159 IcfgInterpreter]: Started Sifa with 29 locations of interest [2023-12-02 16:21:45,348 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:21:45,349 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:21:45,349 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:21:45,349 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:21:46,082 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 15 for LOIs [2023-12-02 16:21:46,232 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:21:49,708 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '9764#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (exists ((|v_#memory_$Pointer$.offset_467| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.offset_468| (Array Int (Array Int Int))) (|v_#memory_int_434| (Array Int (Array Int Int))) (|v_#memory_int_433| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l4_insert_~list#1.offset_20| Int) (|v_#memory_$Pointer$.base_468| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.base_467| (Array Int (Array Int Int))) (|v_#memory_int_432| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l4_insert_~list#1.base_22| Int)) (and (= (store |v_#memory_int_433| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (store (select |v_#memory_int_433| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (select (select |v_#memory_int_434| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)))) |v_#memory_int_434|) (= |v_#memory_int_433| (store |v_#memory_int_432| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (store (select |v_#memory_int_432| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) 4) (select (select |v_#memory_int_433| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) 4))))) (= (store |v_#memory_$Pointer$.base_467| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (store (select |v_#memory_$Pointer$.base_467| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) 4) (select (select |v_#memory_$Pointer$.base_468| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) 4)))) |v_#memory_$Pointer$.base_468|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) 1) (= |#memory_int| (store |v_#memory_int_434| |v_ULTIMATE.start_l4_insert_~list#1.base_22| (store (select |v_#memory_int_434| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20| (select (select |#memory_int| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)))) (= |#memory_$Pointer$.base| (store (store |v_#memory_$Pointer$.base_468| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (store (select |v_#memory_$Pointer$.base_468| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (select (select |v_#memory_$Pointer$.base_468| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|))) |v_ULTIMATE.start_l4_insert_~list#1.base_22| (store (select (store |v_#memory_$Pointer$.base_468| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (store (select |v_#memory_$Pointer$.base_468| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (select (select |v_#memory_$Pointer$.base_468| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|))) |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)))) (= (store |v_#memory_$Pointer$.offset_467| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (store (select |v_#memory_$Pointer$.offset_467| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) 4) (select (select |v_#memory_$Pointer$.offset_468| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) 4)))) |v_#memory_$Pointer$.offset_468|) (<= (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|))) (<= (+ 4 |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_22|)) (= (select |#valid| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) 1) (<= 0 |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (= |#memory_$Pointer$.offset| (store (store |v_#memory_$Pointer$.offset_468| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (store (select |v_#memory_$Pointer$.offset_468| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (select (select |v_#memory_$Pointer$.offset_468| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|))) |v_ULTIMATE.start_l4_insert_~list#1.base_22| (store (select (store |v_#memory_$Pointer$.offset_468| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (store (select |v_#memory_$Pointer$.offset_468| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|) (select (select |v_#memory_$Pointer$.offset_468| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|))) |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20| (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)))) (<= 0 (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) |v_ULTIMATE.start_l4_insert_~list#1.offset_20|)))) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (or (< |ULTIMATE.start_l3_insert_~list#1.offset| 0) (< (select |#length| |ULTIMATE.start_l3_insert_~list#1.base|) (+ |ULTIMATE.start_l3_insert_~list#1.offset| 4))))' at error location [2023-12-02 16:21:49,709 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:21:49,709 INFO L185 FreeRefinementEngine]: Found 0 perfect and 1 imperfect interpolant sequences. [2023-12-02 16:21:49,709 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [17] total 17 [2023-12-02 16:21:49,709 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [290289694] [2023-12-02 16:21:49,709 INFO L85 oduleStraightlineAll]: Using 1 imperfect interpolants to construct interpolant automaton [2023-12-02 16:21:49,709 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 17 states [2023-12-02 16:21:49,709 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:21:49,710 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2023-12-02 16:21:49,710 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=105, Invalid=1157, Unknown=2, NotChecked=68, Total=1332 [2023-12-02 16:21:49,710 INFO L87 Difference]: Start difference. First operand 220 states and 268 transitions. Second operand has 17 states, 15 states have (on average 2.466666666666667) internal successors, (37), 14 states have internal predecessors, (37), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:21:51,898 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:21:51,898 INFO L93 Difference]: Finished difference Result 230 states and 288 transitions. [2023-12-02 16:21:51,898 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2023-12-02 16:21:51,899 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 15 states have (on average 2.466666666666667) internal successors, (37), 14 states have internal predecessors, (37), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 89 [2023-12-02 16:21:51,899 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:21:51,900 INFO L225 Difference]: With dead ends: 230 [2023-12-02 16:21:51,901 INFO L226 Difference]: Without dead ends: 226 [2023-12-02 16:21:51,902 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 194 GetRequests, 143 SyntacticMatches, 6 SemanticMatches, 45 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 490 ImplicationChecksByTransitivity, 4.4s TimeCoverageRelationStatistics Valid=167, Invalid=1905, Unknown=2, NotChecked=88, Total=2162 [2023-12-02 16:21:51,902 INFO L413 NwaCegarLoop]: 122 mSDtfsCounter, 14 mSDsluCounter, 768 mSDsCounter, 0 mSdLazyCounter, 1277 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 890 SdHoareTripleChecker+Invalid, 1537 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 1277 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 252 IncrementalHoareTripleChecker+Unchecked, 1.6s IncrementalHoareTripleChecker+Time [2023-12-02 16:21:51,902 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 890 Invalid, 1537 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 1277 Invalid, 0 Unknown, 252 Unchecked, 1.6s Time] [2023-12-02 16:21:51,903 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 226 states. [2023-12-02 16:21:51,909 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 226 to 222. [2023-12-02 16:21:51,910 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 222 states, 146 states have (on average 1.63013698630137) internal successors, (238), 204 states have internal predecessors, (238), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2023-12-02 16:21:51,911 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 222 states to 222 states and 272 transitions. [2023-12-02 16:21:51,912 INFO L78 Accepts]: Start accepts. Automaton has 222 states and 272 transitions. Word has length 89 [2023-12-02 16:21:51,912 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:21:51,912 INFO L495 AbstractCegarLoop]: Abstraction has 222 states and 272 transitions. [2023-12-02 16:21:51,912 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 17 states, 15 states have (on average 2.466666666666667) internal successors, (37), 14 states have internal predecessors, (37), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:21:51,912 INFO L276 IsEmpty]: Start isEmpty. Operand 222 states and 272 transitions. [2023-12-02 16:21:51,913 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 91 [2023-12-02 16:21:51,913 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:21:51,913 INFO L195 NwaCegarLoop]: trace histogram [37, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:21:51,923 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (15)] Ended with exit code 0 [2023-12-02 16:21:52,114 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable14 [2023-12-02 16:21:52,114 INFO L420 AbstractCegarLoop]: === Iteration 16 === Targeting ULTIMATE.startErr9REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:21:52,114 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:21:52,114 INFO L85 PathProgramCache]: Analyzing trace with hash -1359654912, now seen corresponding path program 3 times [2023-12-02 16:21:52,114 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:21:52,114 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [761332874] [2023-12-02 16:21:52,115 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:21:52,115 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:21:52,150 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:21:52,150 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [731594744] [2023-12-02 16:21:52,150 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2023-12-02 16:21:52,150 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:21:52,150 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:21:52,151 INFO L229 MonitoredProcess]: Starting monitored process 16 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:21:52,155 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (16)] Waiting until timeout for monitored process [2023-12-02 16:21:54,384 INFO L228 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2023-12-02 16:21:54,384 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2023-12-02 16:21:54,391 INFO L262 TraceCheckSpWp]: Trace formula consists of 1138 conjuncts, 55 conjunts are in the unsatisfiable core [2023-12-02 16:21:54,394 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:21:54,402 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2023-12-02 16:21:54,408 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2023-12-02 16:21:55,129 WARN L876 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_calloc_model_~ptr~0#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_calloc_model_~ptr~0#1.base| (select |c_#length| |zalloc_or_die_calloc_model_~ptr~0#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_calloc_model_~ptr~0#1.base|) 0))) is different from true [2023-12-02 16:21:55,181 INFO L190 IndexEqualityManager]: detected not equals via solver [2023-12-02 16:21:55,182 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2023-12-02 16:21:55,187 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2023-12-02 16:21:55,188 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2023-12-02 16:21:55,344 INFO L134 CoverageAnalysis]: Checked inductivity of 963 backedges. 485 proven. 28 refuted. 0 times theorem prover too weak. 359 trivial. 91 not checked. [2023-12-02 16:21:55,345 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:21:55,416 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:21:55,416 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [761332874] [2023-12-02 16:21:55,416 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:21:55,416 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [731594744] [2023-12-02 16:21:55,416 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [731594744] provided 0 perfect and 1 imperfect interpolant sequences [2023-12-02 16:21:55,417 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [488074692] [2023-12-02 16:21:55,418 INFO L159 IcfgInterpreter]: Started Sifa with 29 locations of interest [2023-12-02 16:21:55,418 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:21:55,418 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:21:55,419 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:21:55,419 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:21:58,371 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2023-12-02 16:21:58,536 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:22:04,457 WARN L876 $PredicateComparison]: unable to prove that (and (= 3 |c_ULTIMATE.start_l0_insert_~list#1.base|) (= |c_ULTIMATE.start_l0_insert_#t~ret18#1.offset| 0) (<= 1 |c_#StackHeapBarrier|) (let ((.cse0 (not (= |c_ULTIMATE.start_l0_insert_#t~ret18#1.base| 0))) (.cse1 (= (select |c_ULTIMATE.start_main_old_#valid#1| 0) 0)) (.cse2 (= (select |c_ULTIMATE.start_main_old_#valid#1| 2) 1)) (.cse3 (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_183| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_183| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473| 4294967296)) (or (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473|) (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473| 0))))) (.cse4 (= (select |c_ULTIMATE.start_main_old_#valid#1| 1) 1)) (.cse5 (= (select |c_ULTIMATE.start_main_old_#valid#1| 3) 1))) (or (and .cse0 .cse1 .cse2 .cse3 (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_330| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_330| 3) 0) 0)) .cse4 .cse5 (exists ((|v_#length_BEFORE_CALL_344| (Array Int Int))) (and (= 14 (select |v_#length_BEFORE_CALL_344| 2)) (= (select |v_#length_BEFORE_CALL_344| 3) 4) (= 2 (select |v_#length_BEFORE_CALL_344| 1)))) (exists ((|v_old(#memory_int)_AFTER_CALL_209| (Array Int (Array Int Int)))) (let ((.cse6 (select |v_old(#memory_int)_AFTER_CALL_209| 1))) (and (= (select .cse6 0) 48) (= (select .cse6 1) 0)))) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_330| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_330| 3) 0) 0))) (and (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_328| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_328| 3) 0) 0)) .cse0 .cse1 .cse2 .cse3 (exists ((|v_#length_BEFORE_CALL_342| (Array Int Int))) (and (= (select |v_#length_BEFORE_CALL_342| 1) 2) (= (select |v_#length_BEFORE_CALL_342| 3) 4) (= (select |v_#length_BEFORE_CALL_342| 2) 14))) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_328| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_328| 3) 0) 0)) .cse4 .cse5 (exists ((|v_old(#memory_int)_AFTER_CALL_208| (Array Int (Array Int Int)))) (let ((.cse7 (select |v_old(#memory_int)_AFTER_CALL_208| 1))) (and (= (select .cse7 1) 0) (= (select .cse7 0) 48))))))) (= |c_~#list~0.offset| 0) (= |c_ULTIMATE.start_l0_insert_~list#1.offset| 0) (= |c_ULTIMATE.start_l0_insert_#in~list#1.base| 3) (= 3 |c_~#list~0.base|) (= |c_ULTIMATE.start_l0_insert_#in~list#1.offset| 0)) is different from true [2023-12-02 16:22:35,777 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '10560#(and (<= (select |#length| |ULTIMATE.start_l3_insert_~list#1.base|) 7) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (= 4 |ULTIMATE.start_l3_insert_#in~list#1.offset|) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_#memory_$Pointer$.base_493| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.base_492| (Array Int (Array Int Int))) (|v_#memory_int_459| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l4_insert_#in~list#1.base_16| Int) (|v_#memory_int_458| (Array Int (Array Int Int))) (|v_#memory_int_457| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.offset_492| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l4_insert_~list#1.base_23| Int)) (and (= |#memory_$Pointer$.offset| (store (store |v_#memory_$Pointer$.offset_492| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0) (store (store (select |v_#memory_$Pointer$.offset_492| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 4 0) 0 (select (select (store |v_#memory_$Pointer$.offset_492| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0) (store (select |v_#memory_$Pointer$.offset_492| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 4 0)) |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_23| (store (select (store |v_#memory_$Pointer$.offset_492| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0) (store (store (select |v_#memory_$Pointer$.offset_492| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 4 0) 0 (select (select (store |v_#memory_$Pointer$.offset_492| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0) (store (select |v_#memory_$Pointer$.offset_492| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 4 0)) |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0 0))) (= (select |#valid| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 1) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0))) (= (store |v_#memory_$Pointer$.base_492| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0) (store (select |v_#memory_$Pointer$.base_492| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 4 (select (select |v_#memory_$Pointer$.base_493| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 4))) |v_#memory_$Pointer$.base_493|) (<= 4 (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_23|)) (or (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= |v_ULTIMATE.start_l4_insert_#in~list#1.base_16| |ULTIMATE.start_l3_insert_~item~1#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l0_insert_~item~4#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_183| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_183| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473| 4294967296)) (or (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473|) (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473| 0)))) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_330| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_330| 3) 0) 0)) (not (= (select (select |v_#memory_$Pointer$.base_493| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 4) 0)) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (= |v_ULTIMATE.start_l4_insert_#in~list#1.base_16| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0) 0)) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (exists ((|v_#length_BEFORE_CALL_344| (Array Int Int))) (and (= 14 (select |v_#length_BEFORE_CALL_344| 2)) (= (select |v_#length_BEFORE_CALL_344| 3) 4) (= 2 (select |v_#length_BEFORE_CALL_344| 1)))) (= |ULTIMATE.start_l1_insert_~item~3#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (exists ((|v_old(#memory_int)_AFTER_CALL_209| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_209| 1) 0) 48) (= (select (select |v_old(#memory_int)_AFTER_CALL_209| 1) 1) 0))) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_330| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_330| 3) 0) 0))) (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_328| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_328| 3) 0) 0)) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= |v_ULTIMATE.start_l4_insert_#in~list#1.base_16| |ULTIMATE.start_l3_insert_~item~1#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l0_insert_~item~4#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_183| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_183| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473| 4294967296)) (or (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473|) (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_473| 0)))) (not (= (select (select |v_#memory_$Pointer$.base_493| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 4) 0)) (exists ((|v_#length_BEFORE_CALL_342| (Array Int Int))) (and (= (select |v_#length_BEFORE_CALL_342| 1) 2) (= (select |v_#length_BEFORE_CALL_342| 3) 4) (= (select |v_#length_BEFORE_CALL_342| 2) 14))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l1_insert_#in~list#1.base|) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|) (= |v_ULTIMATE.start_l4_insert_#in~list#1.base_16| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0) 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_328| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_328| 3) 0) 0)) (exists ((|v_old(#memory_int)_AFTER_CALL_208| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_208| 1) 1) 0) (= (select (select |v_old(#memory_int)_AFTER_CALL_208| 1) 0) 48))) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l3_insert_#in~list#1.base|) (= |ULTIMATE.start_l1_insert_~item~3#1.base| |ULTIMATE.start_l2_insert_#in~list#1.base|))) (= |#memory_int| (store |v_#memory_int_459| |v_ULTIMATE.start_l4_insert_~list#1.base_23| (store (select |v_#memory_int_459| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0 (select (select |#memory_int| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)))) (= |v_#memory_int_459| (store |v_#memory_int_458| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0) (store (select |v_#memory_int_458| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 0 (select (select |v_#memory_int_459| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 0)))) (= (select |#valid| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 1) (= (store (store |v_#memory_$Pointer$.base_493| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0) (store (select |v_#memory_$Pointer$.base_493| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 0 (select (select |v_#memory_$Pointer$.base_493| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_23| (store (select (store |v_#memory_$Pointer$.base_493| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0) (store (select |v_#memory_$Pointer$.base_493| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 0 (select (select |v_#memory_$Pointer$.base_493| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0 (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0))) |#memory_$Pointer$.base|) (= (store |v_#memory_int_457| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0) (store (select |v_#memory_int_457| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 4 (select (select |v_#memory_int_458| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 0)) 4))) |v_#memory_int_458|))) (= |ULTIMATE.start_l2_insert_#in~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= 4 |ULTIMATE.start_l1_insert_#in~list#1.offset|) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0))' at error location [2023-12-02 16:22:35,777 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:22:35,777 INFO L185 FreeRefinementEngine]: Found 0 perfect and 1 imperfect interpolant sequences. [2023-12-02 16:22:35,777 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [17] total 17 [2023-12-02 16:22:35,777 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1087680004] [2023-12-02 16:22:35,777 INFO L85 oduleStraightlineAll]: Using 1 imperfect interpolants to construct interpolant automaton [2023-12-02 16:22:35,778 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 17 states [2023-12-02 16:22:35,778 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:22:35,778 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2023-12-02 16:22:35,779 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=220, Invalid=1665, Unknown=15, NotChecked=170, Total=2070 [2023-12-02 16:22:35,779 INFO L87 Difference]: Start difference. First operand 222 states and 272 transitions. Second operand has 17 states, 15 states have (on average 2.533333333333333) internal successors, (38), 14 states have internal predecessors, (38), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:22:39,182 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2023-12-02 16:22:39,816 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:22:39,816 INFO L93 Difference]: Finished difference Result 232 states and 292 transitions. [2023-12-02 16:22:39,817 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2023-12-02 16:22:39,817 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 15 states have (on average 2.533333333333333) internal successors, (38), 14 states have internal predecessors, (38), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 90 [2023-12-02 16:22:39,817 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:22:39,819 INFO L225 Difference]: With dead ends: 232 [2023-12-02 16:22:39,819 INFO L226 Difference]: Without dead ends: 228 [2023-12-02 16:22:39,820 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 196 GetRequests, 136 SyntacticMatches, 6 SemanticMatches, 54 ConstructedPredicates, 2 IntricatePredicates, 0 DeprecatedPredicates, 817 ImplicationChecksByTransitivity, 38.3s TimeCoverageRelationStatistics Valid=266, Invalid=2589, Unknown=15, NotChecked=210, Total=3080 [2023-12-02 16:22:39,821 INFO L413 NwaCegarLoop]: 127 mSDtfsCounter, 3 mSDsluCounter, 434 mSDsCounter, 0 mSdLazyCounter, 771 mSolverCounterSat, 8 mSolverCounterUnsat, 1 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 3.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 561 SdHoareTripleChecker+Invalid, 1032 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 771 IncrementalHoareTripleChecker+Invalid, 1 IncrementalHoareTripleChecker+Unknown, 252 IncrementalHoareTripleChecker+Unchecked, 3.4s IncrementalHoareTripleChecker+Time [2023-12-02 16:22:39,821 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 561 Invalid, 1032 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 771 Invalid, 1 Unknown, 252 Unchecked, 3.4s Time] [2023-12-02 16:22:39,822 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 228 states. [2023-12-02 16:22:39,828 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 228 to 224. [2023-12-02 16:22:39,828 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 224 states, 148 states have (on average 1.635135135135135) internal successors, (242), 206 states have internal predecessors, (242), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2023-12-02 16:22:39,830 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 224 states to 224 states and 276 transitions. [2023-12-02 16:22:39,830 INFO L78 Accepts]: Start accepts. Automaton has 224 states and 276 transitions. Word has length 90 [2023-12-02 16:22:39,830 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:22:39,830 INFO L495 AbstractCegarLoop]: Abstraction has 224 states and 276 transitions. [2023-12-02 16:22:39,831 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 17 states, 15 states have (on average 2.533333333333333) internal successors, (38), 14 states have internal predecessors, (38), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:22:39,831 INFO L276 IsEmpty]: Start isEmpty. Operand 224 states and 276 transitions. [2023-12-02 16:22:39,832 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2023-12-02 16:22:39,832 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:22:39,832 INFO L195 NwaCegarLoop]: trace histogram [38, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:22:39,859 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (16)] Forceful destruction successful, exit code 0 [2023-12-02 16:22:40,032 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 16 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable15 [2023-12-02 16:22:40,033 INFO L420 AbstractCegarLoop]: === Iteration 17 === Targeting ULTIMATE.startErr9REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:22:40,033 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:22:40,033 INFO L85 PathProgramCache]: Analyzing trace with hash -1599548795, now seen corresponding path program 4 times [2023-12-02 16:22:40,033 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:22:40,033 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [536946828] [2023-12-02 16:22:40,033 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:22:40,033 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:22:40,075 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:22:40,075 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [1401587985] [2023-12-02 16:22:40,075 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2023-12-02 16:22:40,075 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:22:40,076 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:22:40,076 INFO L229 MonitoredProcess]: Starting monitored process 17 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:22:40,077 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (17)] Waiting until timeout for monitored process [2023-12-02 16:22:43,121 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 16:22:43,130 INFO L262 TraceCheckSpWp]: Trace formula consists of 1153 conjuncts, 115 conjunts are in the unsatisfiable core [2023-12-02 16:22:43,135 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 16:22:43,171 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2023-12-02 16:22:43,500 INFO L134 CoverageAnalysis]: Checked inductivity of 1006 backedges. 557 proven. 85 refuted. 0 times theorem prover too weak. 364 trivial. 0 not checked. [2023-12-02 16:22:43,500 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 16:22:45,382 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 16:22:45,382 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [536946828] [2023-12-02 16:22:45,382 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2023-12-02 16:22:45,382 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1401587985] [2023-12-02 16:22:45,382 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1401587985] provided 0 perfect and 1 imperfect interpolant sequences [2023-12-02 16:22:45,382 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [590937751] [2023-12-02 16:22:45,384 INFO L159 IcfgInterpreter]: Started Sifa with 29 locations of interest [2023-12-02 16:22:45,384 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 16:22:45,384 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 16:22:45,384 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 16:22:45,384 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 16:22:46,063 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 15 for LOIs [2023-12-02 16:22:46,204 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 16:22:50,978 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '11372#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= |ULTIMATE.start_l0_insert_#in~list#1.offset| 0) (= 3 |ULTIMATE.start_l0_insert_#in~list#1.base|) (= 3 |~#list~0.base|) (exists ((|v_#memory_$Pointer$.base_517| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.base_516| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.offset_516| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.offset_517| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l4_insert_~list#1.offset_22| Int) (|v_ULTIMATE.start_l4_insert_~list#1.base_24| Int) (|v_#memory_int_481| (Array Int (Array Int Int))) (|v_#memory_int_483| (Array Int (Array Int Int))) (|v_#memory_int_482| (Array Int (Array Int Int)))) (and (= (store |v_#memory_$Pointer$.offset_516| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.offset_516| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4) (select (select |v_#memory_$Pointer$.offset_517| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4)))) |v_#memory_$Pointer$.offset_517|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) 1) (= |#memory_$Pointer$.offset| (store (store |v_#memory_$Pointer$.offset_517| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.offset_517| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select (select |v_#memory_$Pointer$.offset_517| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24| (store (select (store |v_#memory_$Pointer$.offset_517| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.offset_517| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select (select |v_#memory_$Pointer$.offset_517| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22| (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)))) (= (store |v_#memory_int_482| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_int_482| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select (select |v_#memory_int_483| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)))) |v_#memory_int_483|) (= (store |v_#memory_$Pointer$.base_516| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.base_516| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4) (select (select |v_#memory_$Pointer$.base_517| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4)))) |v_#memory_$Pointer$.base_517|) (<= (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) (<= (+ 4 |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_24|)) (= (store (store |v_#memory_$Pointer$.base_517| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.base_517| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select (select |v_#memory_$Pointer$.base_517| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24| (store (select (store |v_#memory_$Pointer$.base_517| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.base_517| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select (select |v_#memory_$Pointer$.base_517| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) |#memory_$Pointer$.base|) (= (store |v_#memory_int_481| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_int_481| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4) (select (select |v_#memory_int_482| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4)))) |v_#memory_int_482|) (= (select |#valid| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) 1) (<= 0 |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (<= 0 (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (= |#memory_int| (store |v_#memory_int_483| |v_ULTIMATE.start_l4_insert_~list#1.base_24| (store (select |v_#memory_int_483| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22| (select (select |#memory_int| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)))))) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (or (< |ULTIMATE.start_l3_insert_~list#1.offset| 0) (< (select |#length| |ULTIMATE.start_l3_insert_~list#1.base|) (+ |ULTIMATE.start_l3_insert_~list#1.offset| 4))))' at error location [2023-12-02 16:22:50,978 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 16:22:50,978 INFO L185 FreeRefinementEngine]: Found 0 perfect and 1 imperfect interpolant sequences. [2023-12-02 16:22:50,978 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16] total 16 [2023-12-02 16:22:50,978 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [734728701] [2023-12-02 16:22:50,978 INFO L85 oduleStraightlineAll]: Using 1 imperfect interpolants to construct interpolant automaton [2023-12-02 16:22:50,979 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2023-12-02 16:22:50,979 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 16:22:50,979 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2023-12-02 16:22:50,980 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=95, Invalid=1095, Unknown=0, NotChecked=0, Total=1190 [2023-12-02 16:22:50,980 INFO L87 Difference]: Start difference. First operand 224 states and 276 transitions. Second operand has 16 states, 15 states have (on average 2.8) internal successors, (42), 16 states have internal predecessors, (42), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:22:51,597 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 16:22:51,597 INFO L93 Difference]: Finished difference Result 226 states and 276 transitions. [2023-12-02 16:22:51,598 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2023-12-02 16:22:51,599 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 15 states have (on average 2.8) internal successors, (42), 16 states have internal predecessors, (42), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) Word has length 91 [2023-12-02 16:22:51,599 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 16:22:51,600 INFO L225 Difference]: With dead ends: 226 [2023-12-02 16:22:51,600 INFO L226 Difference]: Without dead ends: 224 [2023-12-02 16:22:51,601 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 194 GetRequests, 149 SyntacticMatches, 6 SemanticMatches, 39 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 387 ImplicationChecksByTransitivity, 5.3s TimeCoverageRelationStatistics Valid=130, Invalid=1510, Unknown=0, NotChecked=0, Total=1640 [2023-12-02 16:22:51,602 INFO L413 NwaCegarLoop]: 124 mSDtfsCounter, 18 mSDsluCounter, 893 mSDsCounter, 0 mSdLazyCounter, 526 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 1017 SdHoareTripleChecker+Invalid, 531 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 526 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2023-12-02 16:22:51,602 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 1017 Invalid, 531 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 526 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2023-12-02 16:22:51,603 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 224 states. [2023-12-02 16:22:51,608 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 224 to 224. [2023-12-02 16:22:51,609 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 224 states, 148 states have (on average 1.6216216216216217) internal successors, (240), 206 states have internal predecessors, (240), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2023-12-02 16:22:51,610 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 224 states to 224 states and 274 transitions. [2023-12-02 16:22:51,610 INFO L78 Accepts]: Start accepts. Automaton has 224 states and 274 transitions. Word has length 91 [2023-12-02 16:22:51,610 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 16:22:51,610 INFO L495 AbstractCegarLoop]: Abstraction has 224 states and 274 transitions. [2023-12-02 16:22:51,611 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 15 states have (on average 2.8) internal successors, (42), 16 states have internal predecessors, (42), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2023-12-02 16:22:51,611 INFO L276 IsEmpty]: Start isEmpty. Operand 224 states and 274 transitions. [2023-12-02 16:22:51,611 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 96 [2023-12-02 16:22:51,611 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 16:22:51,612 INFO L195 NwaCegarLoop]: trace histogram [42, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 16:22:51,636 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (17)] Ended with exit code 0 [2023-12-02 16:22:51,812 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 17 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable16 [2023-12-02 16:22:51,812 INFO L420 AbstractCegarLoop]: === Iteration 18 === Targeting ULTIMATE.startErr9REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2023-12-02 16:22:51,812 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 16:22:51,813 INFO L85 PathProgramCache]: Analyzing trace with hash 1422825969, now seen corresponding path program 5 times [2023-12-02 16:22:51,813 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 16:22:51,813 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1197156909] [2023-12-02 16:22:51,813 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 16:22:51,813 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 16:22:51,861 ERROR L246 FreeRefinementEngine]: Caught known exception: Unsupported non-linear arithmetic [2023-12-02 16:22:51,861 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [1638163792] [2023-12-02 16:22:51,861 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2023-12-02 16:22:51,861 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 16:22:51,861 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 16:22:51,862 INFO L229 MonitoredProcess]: Starting monitored process 18 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 16:22:51,863 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3b96ddcc-3934-4590-aa5b-1342c67162a1/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (18)] Waiting until timeout for monitored process