./Ultimate.py --spec ../../sv-benchmarks/c/properties/termination.prp --file ../../sv-benchmarks/c/termination-dietlibc/basename-3.i --full-output --architecture 64bit -------------------------------------------------------------------------------- Checking for termination Using default analysis Version d790fecc Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/config/AutomizerTermination.xml -i ../../sv-benchmarks/c/termination-dietlibc/basename-3.i -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/config/svcomp-Termination-64bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(F end) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 64bit --witnessprinter.graph.data.programhash 2e90cfbacdda20e6be76d151b413bd2dd94f7cfd4eb0e599012526f6643aab85 --- Real Ultimate output --- This is Ultimate 0.3.0-dev-d790fec [2024-11-27 23:27:36,699 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-27 23:27:36,834 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/config/svcomp-Termination-64bit-Automizer_Default.epf [2024-11-27 23:27:36,843 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-27 23:27:36,847 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-27 23:27:36,890 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-27 23:27:36,892 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-27 23:27:36,892 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-27 23:27:36,893 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-27 23:27:36,893 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-27 23:27:36,895 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-27 23:27:36,895 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-27 23:27:36,895 INFO L153 SettingsManager]: * Use SBE=true [2024-11-27 23:27:36,895 INFO L151 SettingsManager]: Preferences of BuchiAutomizer differ from their defaults: [2024-11-27 23:27:36,895 INFO L153 SettingsManager]: * NCSB implementation=INTSET_LAZY3 [2024-11-27 23:27:36,895 INFO L153 SettingsManager]: * Use old map elimination=false [2024-11-27 23:27:36,895 INFO L153 SettingsManager]: * Use external solver (rank synthesis)=false [2024-11-27 23:27:36,895 INFO L153 SettingsManager]: * Use only trivial implications for array writes=true [2024-11-27 23:27:36,895 INFO L153 SettingsManager]: * Rank analysis=LINEAR_WITH_GUESSES [2024-11-27 23:27:36,896 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-27 23:27:36,896 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=ASSUME [2024-11-27 23:27:36,896 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-27 23:27:36,896 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-27 23:27:36,896 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=ASSUME [2024-11-27 23:27:36,896 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=ASSUME [2024-11-27 23:27:36,896 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=ASSUME [2024-11-27 23:27:36,896 INFO L153 SettingsManager]: * Check unreachability of reach_error function=false [2024-11-27 23:27:36,896 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-27 23:27:36,896 INFO L153 SettingsManager]: * Assume nondeterminstic values are in range=false [2024-11-27 23:27:36,897 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2024-11-27 23:27:36,897 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-27 23:27:36,897 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-27 23:27:36,897 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-27 23:27:36,897 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-27 23:27:36,897 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL_NO_AM [2024-11-27 23:27:36,899 INFO L151 SettingsManager]: Preferences of IcfgTransformer differ from their defaults: [2024-11-27 23:27:36,899 INFO L153 SettingsManager]: * TransformationType=MODULO_NEIGHBOR Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(F end) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 64bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 2e90cfbacdda20e6be76d151b413bd2dd94f7cfd4eb0e599012526f6643aab85 [2024-11-27 23:27:37,279 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-27 23:27:37,289 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-27 23:27:37,292 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-27 23:27:37,293 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-27 23:27:37,294 INFO L274 PluginConnector]: CDTParser initialized [2024-11-27 23:27:37,295 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/../../sv-benchmarks/c/termination-dietlibc/basename-3.i [2024-11-27 23:27:40,617 INFO L533 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/data/3ddc67d7a/370a4998421d45a58c281df8ae07737a/FLAG929da3d2c [2024-11-27 23:27:40,914 INFO L384 CDTParser]: Found 1 translation units. [2024-11-27 23:27:40,915 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/sv-benchmarks/c/termination-dietlibc/basename-3.i [2024-11-27 23:27:40,928 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/data/3ddc67d7a/370a4998421d45a58c281df8ae07737a/FLAG929da3d2c [2024-11-27 23:27:40,944 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/data/3ddc67d7a/370a4998421d45a58c281df8ae07737a [2024-11-27 23:27:40,946 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-27 23:27:40,948 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-27 23:27:40,949 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-27 23:27:40,950 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-27 23:27:40,955 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-27 23:27:40,956 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 27.11 11:27:40" (1/1) ... [2024-11-27 23:27:40,957 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1953c4b5 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:40, skipping insertion in model container [2024-11-27 23:27:40,957 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 27.11 11:27:40" (1/1) ... [2024-11-27 23:27:40,993 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-27 23:27:41,271 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-27 23:27:41,285 INFO L200 MainTranslator]: Completed pre-run [2024-11-27 23:27:41,344 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-27 23:27:41,375 INFO L204 MainTranslator]: Completed translation [2024-11-27 23:27:41,375 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41 WrapperNode [2024-11-27 23:27:41,376 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-27 23:27:41,377 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-27 23:27:41,377 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-27 23:27:41,377 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-27 23:27:41,385 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,397 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,421 INFO L138 Inliner]: procedures = 114, calls = 12, calls flagged for inlining = 4, calls inlined = 4, statements flattened = 65 [2024-11-27 23:27:41,422 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-27 23:27:41,423 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-27 23:27:41,424 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-27 23:27:41,424 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-27 23:27:41,434 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,435 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,441 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,465 INFO L175 MemorySlicer]: Split 5 memory accesses to 1 slices as follows [5]. 100 percent of accesses are in the largest equivalence class. The 0 initializations are split as follows [0]. The 2 writes are split as follows [2]. [2024-11-27 23:27:41,468 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,468 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,478 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,479 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,485 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,486 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,490 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,493 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-27 23:27:41,496 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-27 23:27:41,497 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-27 23:27:41,500 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-27 23:27:41,502 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (1/1) ... [2024-11-27 23:27:41,510 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:41,524 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:41,540 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:41,544 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (1)] Waiting until timeout for monitored process [2024-11-27 23:27:41,583 INFO L130 BoogieDeclarations]: Found specification of procedure read~int#0 [2024-11-27 23:27:41,583 INFO L130 BoogieDeclarations]: Found specification of procedure write~int#0 [2024-11-27 23:27:41,583 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnStack [2024-11-27 23:27:41,583 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2024-11-27 23:27:41,583 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-27 23:27:41,584 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-27 23:27:41,685 INFO L234 CfgBuilder]: Building ICFG [2024-11-27 23:27:41,688 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-27 23:27:41,893 INFO L? ?]: Removed 33 outVars from TransFormulas that were not future-live. [2024-11-27 23:27:41,893 INFO L283 CfgBuilder]: Performing block encoding [2024-11-27 23:27:41,909 INFO L307 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-27 23:27:41,910 INFO L312 CfgBuilder]: Removed 1 assume(true) statements. [2024-11-27 23:27:41,911 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 27.11 11:27:41 BoogieIcfgContainer [2024-11-27 23:27:41,911 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-27 23:27:41,912 INFO L112 PluginConnector]: ------------------------BuchiAutomizer---------------------------- [2024-11-27 23:27:41,912 INFO L270 PluginConnector]: Initializing BuchiAutomizer... [2024-11-27 23:27:41,920 INFO L274 PluginConnector]: BuchiAutomizer initialized [2024-11-27 23:27:41,921 INFO L99 BuchiAutomizer]: Safety of program was proven or not checked, starting termination analysis [2024-11-27 23:27:41,922 INFO L184 PluginConnector]: Executing the observer BuchiAutomizerObserver from plugin BuchiAutomizer for "CDTParser AST 27.11 11:27:40" (1/3) ... [2024-11-27 23:27:41,923 INFO L204 PluginConnector]: Invalid model from BuchiAutomizer for observer de.uni_freiburg.informatik.ultimate.plugins.generator.buchiautomizer.BuchiAutomizerObserver@4aca13b9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.buchiautomizer AST 27.11 11:27:41, skipping insertion in model container [2024-11-27 23:27:41,923 INFO L99 BuchiAutomizer]: Safety of program was proven or not checked, starting termination analysis [2024-11-27 23:27:41,924 INFO L184 PluginConnector]: Executing the observer BuchiAutomizerObserver from plugin BuchiAutomizer for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 27.11 11:27:41" (2/3) ... [2024-11-27 23:27:41,925 INFO L204 PluginConnector]: Invalid model from BuchiAutomizer for observer de.uni_freiburg.informatik.ultimate.plugins.generator.buchiautomizer.BuchiAutomizerObserver@4aca13b9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.buchiautomizer AST 27.11 11:27:41, skipping insertion in model container [2024-11-27 23:27:41,925 INFO L99 BuchiAutomizer]: Safety of program was proven or not checked, starting termination analysis [2024-11-27 23:27:41,925 INFO L184 PluginConnector]: Executing the observer BuchiAutomizerObserver from plugin BuchiAutomizer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 27.11 11:27:41" (3/3) ... [2024-11-27 23:27:41,927 INFO L363 chiAutomizerObserver]: Analyzing ICFG basename-3.i [2024-11-27 23:27:41,992 INFO L300 stractBuchiCegarLoop]: Interprodecural is true [2024-11-27 23:27:41,992 INFO L301 stractBuchiCegarLoop]: Hoare is None [2024-11-27 23:27:41,993 INFO L302 stractBuchiCegarLoop]: Compute interpolants for ForwardPredicates [2024-11-27 23:27:41,993 INFO L303 stractBuchiCegarLoop]: Backedges is STRAIGHT_LINE [2024-11-27 23:27:41,993 INFO L304 stractBuchiCegarLoop]: Determinization is PREDICATE_ABSTRACTION [2024-11-27 23:27:41,993 INFO L305 stractBuchiCegarLoop]: Difference is false [2024-11-27 23:27:41,994 INFO L306 stractBuchiCegarLoop]: Minimize is MINIMIZE_SEVPA [2024-11-27 23:27:41,994 INFO L310 stractBuchiCegarLoop]: ======== Iteration 0 == of CEGAR loop == BuchiAutomatonCegarLoop ======== [2024-11-27 23:27:42,000 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand has 16 states, 15 states have (on average 1.4666666666666666) internal successors, (22), 15 states have internal predecessors, (22), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:42,023 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 9 [2024-11-27 23:27:42,024 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:27:42,025 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:27:42,031 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [1, 1, 1] [2024-11-27 23:27:42,032 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [1, 1, 1, 1, 1, 1] [2024-11-27 23:27:42,032 INFO L332 stractBuchiCegarLoop]: ======== Iteration 1 ============ [2024-11-27 23:27:42,032 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand has 16 states, 15 states have (on average 1.4666666666666666) internal successors, (22), 15 states have internal predecessors, (22), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:42,034 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 9 [2024-11-27 23:27:42,035 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:27:42,035 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:27:42,035 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [1, 1, 1] [2024-11-27 23:27:42,035 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [1, 1, 1, 1, 1, 1] [2024-11-27 23:27:42,043 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" [2024-11-27 23:27:42,044 INFO L749 eck$LassoCheckResult]: Loop: "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "assume !true;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" [2024-11-27 23:27:42,053 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:42,055 INFO L85 PathProgramCache]: Analyzing trace with hash 29860, now seen corresponding path program 1 times [2024-11-27 23:27:42,065 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:42,066 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [972818339] [2024-11-27 23:27:42,066 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:42,067 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:42,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:42,199 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:42,224 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:42,248 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:42,252 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:42,253 INFO L85 PathProgramCache]: Analyzing trace with hash 1170998909, now seen corresponding path program 1 times [2024-11-27 23:27:42,253 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:42,253 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [273843051] [2024-11-27 23:27:42,255 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:42,255 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:42,283 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:42,327 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:27:42,327 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [273843051] [2024-11-27 23:27:42,328 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [273843051] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:27:42,328 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1491492473] [2024-11-27 23:27:42,328 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:42,328 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:27:42,329 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:42,334 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:27:42,335 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-27 23:27:42,432 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:42,434 INFO L256 TraceCheckSpWp]: Trace formula consists of 47 conjuncts, 1 conjuncts are in the unsatisfiable core [2024-11-27 23:27:42,435 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:27:42,443 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:27:42,450 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1491492473] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:27:42,450 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:27:42,451 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [2, 2, 2] total 2 [2024-11-27 23:27:42,452 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [774534154] [2024-11-27 23:27:42,452 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:27:42,457 INFO L764 eck$LassoCheckResult]: loop already infeasible [2024-11-27 23:27:42,458 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:27:42,490 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-27 23:27:42,491 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-27 23:27:42,493 INFO L87 Difference]: Start difference. First operand has 16 states, 15 states have (on average 1.4666666666666666) internal successors, (22), 15 states have internal predecessors, (22), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Second operand has 2 states, 2 states have (on average 3.0) internal successors, (6), 2 states have internal predecessors, (6), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:42,499 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:27:42,499 INFO L93 Difference]: Finished difference Result 16 states and 21 transitions. [2024-11-27 23:27:42,501 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 16 states and 21 transitions. [2024-11-27 23:27:42,502 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 9 [2024-11-27 23:27:42,507 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 16 states to 12 states and 14 transitions. [2024-11-27 23:27:42,509 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 12 [2024-11-27 23:27:42,509 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 12 [2024-11-27 23:27:42,510 INFO L73 IsDeterministic]: Start isDeterministic. Operand 12 states and 14 transitions. [2024-11-27 23:27:42,510 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is deterministic. [2024-11-27 23:27:42,510 INFO L218 hiAutomatonCegarLoop]: Abstraction has 12 states and 14 transitions. [2024-11-27 23:27:42,522 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 12 states and 14 transitions. [2024-11-27 23:27:42,533 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 12 to 12. [2024-11-27 23:27:42,533 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12 states, 12 states have (on average 1.1666666666666667) internal successors, (14), 11 states have internal predecessors, (14), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:42,534 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12 states to 12 states and 14 transitions. [2024-11-27 23:27:42,535 INFO L240 hiAutomatonCegarLoop]: Abstraction has 12 states and 14 transitions. [2024-11-27 23:27:42,536 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-27 23:27:42,541 INFO L425 stractBuchiCegarLoop]: Abstraction has 12 states and 14 transitions. [2024-11-27 23:27:42,541 INFO L332 stractBuchiCegarLoop]: ======== Iteration 2 ============ [2024-11-27 23:27:42,541 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 12 states and 14 transitions. [2024-11-27 23:27:42,541 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 9 [2024-11-27 23:27:42,542 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:27:42,542 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:27:42,542 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [1, 1, 1] [2024-11-27 23:27:42,542 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:27:42,543 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" [2024-11-27 23:27:42,543 INFO L749 eck$LassoCheckResult]: Loop: "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" [2024-11-27 23:27:42,544 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:42,544 INFO L85 PathProgramCache]: Analyzing trace with hash 29860, now seen corresponding path program 2 times [2024-11-27 23:27:42,545 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:42,545 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1711083649] [2024-11-27 23:27:42,545 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:42,545 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:42,596 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:42,599 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:42,619 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:42,626 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:42,627 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:42,627 INFO L85 PathProgramCache]: Analyzing trace with hash -487125096, now seen corresponding path program 1 times [2024-11-27 23:27:42,627 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:42,630 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [723953280] [2024-11-27 23:27:42,631 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:42,631 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:42,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:43,053 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:27:43,054 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [723953280] [2024-11-27 23:27:43,054 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [723953280] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:27:43,054 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [533582546] [2024-11-27 23:27:43,054 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:43,054 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:27:43,054 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:43,059 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:27:43,061 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-27 23:27:43,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:43,163 INFO L256 TraceCheckSpWp]: Trace formula consists of 70 conjuncts, 25 conjuncts are in the unsatisfiable core [2024-11-27 23:27:43,167 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:27:43,302 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:27:43,412 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [533582546] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:27:43,413 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:27:43,414 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 4 [2024-11-27 23:27:43,414 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [77692040] [2024-11-27 23:27:43,414 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:27:43,414 INFO L764 eck$LassoCheckResult]: loop already infeasible [2024-11-27 23:27:43,415 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:27:43,415 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-27 23:27:43,416 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-27 23:27:43,416 INFO L87 Difference]: Start difference. First operand 12 states and 14 transitions. cyclomatic complexity: 3 Second operand has 6 states, 5 states have (on average 1.8) internal successors, (9), 5 states have internal predecessors, (9), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:43,564 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:27:43,564 INFO L93 Difference]: Finished difference Result 28 states and 34 transitions. [2024-11-27 23:27:43,564 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 28 states and 34 transitions. [2024-11-27 23:27:43,565 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 20 [2024-11-27 23:27:43,566 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 28 states to 23 states and 28 transitions. [2024-11-27 23:27:43,566 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 23 [2024-11-27 23:27:43,566 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 23 [2024-11-27 23:27:43,566 INFO L73 IsDeterministic]: Start isDeterministic. Operand 23 states and 28 transitions. [2024-11-27 23:27:43,568 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is deterministic. [2024-11-27 23:27:43,569 INFO L218 hiAutomatonCegarLoop]: Abstraction has 23 states and 28 transitions. [2024-11-27 23:27:43,569 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 23 states and 28 transitions. [2024-11-27 23:27:43,574 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 23 to 18. [2024-11-27 23:27:43,574 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 18 states, 18 states have (on average 1.2222222222222223) internal successors, (22), 17 states have internal predecessors, (22), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:43,575 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18 states to 18 states and 22 transitions. [2024-11-27 23:27:43,575 INFO L240 hiAutomatonCegarLoop]: Abstraction has 18 states and 22 transitions. [2024-11-27 23:27:43,576 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-27 23:27:43,576 INFO L425 stractBuchiCegarLoop]: Abstraction has 18 states and 22 transitions. [2024-11-27 23:27:43,577 INFO L332 stractBuchiCegarLoop]: ======== Iteration 3 ============ [2024-11-27 23:27:43,577 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 18 states and 22 transitions. [2024-11-27 23:27:43,578 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 15 [2024-11-27 23:27:43,579 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:27:43,579 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:27:43,580 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [1, 1, 1] [2024-11-27 23:27:43,581 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:27:43,581 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" [2024-11-27 23:27:43,581 INFO L749 eck$LassoCheckResult]: Loop: "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" [2024-11-27 23:27:43,582 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:43,582 INFO L85 PathProgramCache]: Analyzing trace with hash 29860, now seen corresponding path program 3 times [2024-11-27 23:27:43,584 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:43,585 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [869023935] [2024-11-27 23:27:43,585 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:43,585 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:43,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:43,608 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:43,621 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:43,624 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:43,628 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:43,628 INFO L85 PathProgramCache]: Analyzing trace with hash 1287882266, now seen corresponding path program 1 times [2024-11-27 23:27:43,628 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:43,628 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1675709480] [2024-11-27 23:27:43,628 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:43,628 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:43,665 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:43,949 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:27:43,950 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1675709480] [2024-11-27 23:27:43,950 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1675709480] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:27:43,950 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [609118463] [2024-11-27 23:27:43,950 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:43,950 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:27:43,951 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:43,957 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:27:43,959 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-11-27 23:27:44,032 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:44,035 INFO L256 TraceCheckSpWp]: Trace formula consists of 65 conjuncts, 14 conjuncts are in the unsatisfiable core [2024-11-27 23:27:44,037 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:27:44,157 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:27:44,449 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [609118463] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:27:44,449 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:27:44,449 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2024-11-27 23:27:44,450 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1510463526] [2024-11-27 23:27:44,450 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:27:44,451 INFO L764 eck$LassoCheckResult]: loop already infeasible [2024-11-27 23:27:44,451 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:27:44,452 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-27 23:27:44,452 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=19, Invalid=53, Unknown=0, NotChecked=0, Total=72 [2024-11-27 23:27:44,452 INFO L87 Difference]: Start difference. First operand 18 states and 22 transitions. cyclomatic complexity: 5 Second operand has 9 states, 8 states have (on average 2.0) internal successors, (16), 8 states have internal predecessors, (16), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:44,512 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:27:44,512 INFO L93 Difference]: Finished difference Result 26 states and 31 transitions. [2024-11-27 23:27:44,513 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 26 states and 31 transitions. [2024-11-27 23:27:44,514 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 19 [2024-11-27 23:27:44,515 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 26 states to 22 states and 27 transitions. [2024-11-27 23:27:44,517 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 22 [2024-11-27 23:27:44,517 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 22 [2024-11-27 23:27:44,517 INFO L73 IsDeterministic]: Start isDeterministic. Operand 22 states and 27 transitions. [2024-11-27 23:27:44,518 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is deterministic. [2024-11-27 23:27:44,518 INFO L218 hiAutomatonCegarLoop]: Abstraction has 22 states and 27 transitions. [2024-11-27 23:27:44,518 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 22 states and 27 transitions. [2024-11-27 23:27:44,520 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 22 to 18. [2024-11-27 23:27:44,521 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 18 states, 18 states have (on average 1.2222222222222223) internal successors, (22), 17 states have internal predecessors, (22), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:44,521 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18 states to 18 states and 22 transitions. [2024-11-27 23:27:44,521 INFO L240 hiAutomatonCegarLoop]: Abstraction has 18 states and 22 transitions. [2024-11-27 23:27:44,522 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-27 23:27:44,523 INFO L425 stractBuchiCegarLoop]: Abstraction has 18 states and 22 transitions. [2024-11-27 23:27:44,524 INFO L332 stractBuchiCegarLoop]: ======== Iteration 4 ============ [2024-11-27 23:27:44,524 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 18 states and 22 transitions. [2024-11-27 23:27:44,524 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 15 [2024-11-27 23:27:44,525 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:27:44,526 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:27:44,526 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [1, 1, 1] [2024-11-27 23:27:44,527 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [2, 2, 2, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:27:44,527 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" [2024-11-27 23:27:44,527 INFO L749 eck$LassoCheckResult]: Loop: "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" [2024-11-27 23:27:44,527 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:44,527 INFO L85 PathProgramCache]: Analyzing trace with hash 29860, now seen corresponding path program 4 times [2024-11-27 23:27:44,527 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:44,528 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1047671312] [2024-11-27 23:27:44,528 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:44,528 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:44,549 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:44,552 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:44,562 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:44,564 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:44,564 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:44,564 INFO L85 PathProgramCache]: Analyzing trace with hash 1065024256, now seen corresponding path program 1 times [2024-11-27 23:27:44,567 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:44,568 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [211671986] [2024-11-27 23:27:44,568 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:44,568 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:44,583 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:44,748 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:27:44,748 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [211671986] [2024-11-27 23:27:44,748 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [211671986] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:27:44,748 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [448793075] [2024-11-27 23:27:44,748 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:44,748 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:27:44,749 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:44,753 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:27:44,754 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2024-11-27 23:27:44,827 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:44,828 INFO L256 TraceCheckSpWp]: Trace formula consists of 93 conjuncts, 15 conjuncts are in the unsatisfiable core [2024-11-27 23:27:44,830 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:27:45,034 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 16 treesize of output 8 [2024-11-27 23:27:45,038 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:27:45,292 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [448793075] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:27:45,292 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:27:45,292 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9, 9] total 17 [2024-11-27 23:27:45,292 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [900912418] [2024-11-27 23:27:45,292 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:27:45,295 INFO L764 eck$LassoCheckResult]: loop already infeasible [2024-11-27 23:27:45,295 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:27:45,296 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2024-11-27 23:27:45,296 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=62, Invalid=210, Unknown=0, NotChecked=0, Total=272 [2024-11-27 23:27:45,296 INFO L87 Difference]: Start difference. First operand 18 states and 22 transitions. cyclomatic complexity: 5 Second operand has 17 states, 17 states have (on average 1.3529411764705883) internal successors, (23), 17 states have internal predecessors, (23), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:45,574 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:27:45,575 INFO L93 Difference]: Finished difference Result 26 states and 31 transitions. [2024-11-27 23:27:45,575 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 26 states and 31 transitions. [2024-11-27 23:27:45,576 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 23 [2024-11-27 23:27:45,579 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 26 states to 26 states and 31 transitions. [2024-11-27 23:27:45,579 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 26 [2024-11-27 23:27:45,579 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 26 [2024-11-27 23:27:45,580 INFO L73 IsDeterministic]: Start isDeterministic. Operand 26 states and 31 transitions. [2024-11-27 23:27:45,580 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is deterministic. [2024-11-27 23:27:45,580 INFO L218 hiAutomatonCegarLoop]: Abstraction has 26 states and 31 transitions. [2024-11-27 23:27:45,580 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 26 states and 31 transitions. [2024-11-27 23:27:45,583 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 26 to 20. [2024-11-27 23:27:45,583 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 20 states, 20 states have (on average 1.2) internal successors, (24), 19 states have internal predecessors, (24), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:45,585 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 20 states to 20 states and 24 transitions. [2024-11-27 23:27:45,585 INFO L240 hiAutomatonCegarLoop]: Abstraction has 20 states and 24 transitions. [2024-11-27 23:27:45,586 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-27 23:27:45,587 INFO L425 stractBuchiCegarLoop]: Abstraction has 20 states and 24 transitions. [2024-11-27 23:27:45,588 INFO L332 stractBuchiCegarLoop]: ======== Iteration 5 ============ [2024-11-27 23:27:45,588 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 20 states and 24 transitions. [2024-11-27 23:27:45,589 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 17 [2024-11-27 23:27:45,589 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:27:45,590 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:27:45,591 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [1, 1, 1] [2024-11-27 23:27:45,591 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [3, 3, 2, 2, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:27:45,591 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" [2024-11-27 23:27:45,591 INFO L749 eck$LassoCheckResult]: Loop: "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" [2024-11-27 23:27:45,592 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:45,592 INFO L85 PathProgramCache]: Analyzing trace with hash 29860, now seen corresponding path program 5 times [2024-11-27 23:27:45,592 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:45,592 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1047953707] [2024-11-27 23:27:45,592 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:45,592 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:45,604 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:45,608 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:45,619 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:45,622 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:45,622 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:45,624 INFO L85 PathProgramCache]: Analyzing trace with hash 26700010, now seen corresponding path program 1 times [2024-11-27 23:27:45,624 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:45,624 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1068834250] [2024-11-27 23:27:45,624 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:45,625 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:45,651 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:45,652 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:45,673 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:45,676 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:45,677 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:45,677 INFO L85 PathProgramCache]: Analyzing trace with hash 1156607655, now seen corresponding path program 1 times [2024-11-27 23:27:45,677 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:45,677 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [211538606] [2024-11-27 23:27:45,677 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:45,677 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:45,713 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:45,713 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:45,735 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:45,741 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:46,710 INFO L204 LassoAnalysis]: Preferences: [2024-11-27 23:27:46,711 INFO L125 ssoRankerPreferences]: Compute integeral hull: false [2024-11-27 23:27:46,712 INFO L126 ssoRankerPreferences]: Enable LassoPartitioneer: true [2024-11-27 23:27:46,712 INFO L127 ssoRankerPreferences]: Term annotations enabled: false [2024-11-27 23:27:46,712 INFO L128 ssoRankerPreferences]: Use exernal solver: false [2024-11-27 23:27:46,712 INFO L129 ssoRankerPreferences]: SMT solver command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:46,712 INFO L130 ssoRankerPreferences]: Dump SMT script to file: false [2024-11-27 23:27:46,713 INFO L131 ssoRankerPreferences]: Path of dumped script: [2024-11-27 23:27:46,713 INFO L132 ssoRankerPreferences]: Filename of dumped script: basename-3.i_Iteration5_Lasso [2024-11-27 23:27:46,713 INFO L133 ssoRankerPreferences]: MapElimAlgo: Frank [2024-11-27 23:27:46,713 INFO L241 LassoAnalysis]: Starting lasso preprocessing... [2024-11-27 23:27:46,735 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,750 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,754 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,757 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,760 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,763 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,768 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,771 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,775 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,778 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,783 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,787 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,793 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,798 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,803 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:46,807 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,043 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,046 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,050 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,056 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,059 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,063 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,066 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,069 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,073 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,078 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,081 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,085 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,088 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,091 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,094 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:47,450 INFO L259 LassoAnalysis]: Preprocessing complete. [2024-11-27 23:27:47,455 INFO L451 LassoAnalysis]: Using template 'affine'. [2024-11-27 23:27:47,457 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,457 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,461 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,463 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (6)] Waiting until timeout for monitored process [2024-11-27 23:27:47,465 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,484 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,484 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,484 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,485 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,485 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,493 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,493 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,496 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,508 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (6)] Ended with exit code 0 [2024-11-27 23:27:47,508 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,509 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,511 INFO L229 MonitoredProcess]: Starting monitored process 7 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,516 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,516 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (7)] Waiting until timeout for monitored process [2024-11-27 23:27:47,533 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,534 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,534 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,534 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,534 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,535 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,535 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,537 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,548 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (7)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:47,548 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,549 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,551 INFO L229 MonitoredProcess]: Starting monitored process 8 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,556 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (8)] Waiting until timeout for monitored process [2024-11-27 23:27:47,556 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,573 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,573 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,574 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,574 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,574 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,574 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,574 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,577 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,587 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (8)] Ended with exit code 0 [2024-11-27 23:27:47,588 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,588 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,590 INFO L229 MonitoredProcess]: Starting monitored process 9 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,594 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (9)] Waiting until timeout for monitored process [2024-11-27 23:27:47,595 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,610 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,610 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,611 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,611 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,611 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,612 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,612 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,614 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,626 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (9)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:47,626 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,627 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,629 INFO L229 MonitoredProcess]: Starting monitored process 10 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,633 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (10)] Waiting until timeout for monitored process [2024-11-27 23:27:47,634 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,648 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,648 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,648 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,648 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,648 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,649 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,649 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,651 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,662 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (10)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:47,662 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,663 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,666 INFO L229 MonitoredProcess]: Starting monitored process 11 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,668 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (11)] Waiting until timeout for monitored process [2024-11-27 23:27:47,668 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,684 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,684 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,684 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,684 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,684 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,685 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,685 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,687 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,694 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (11)] Ended with exit code 0 [2024-11-27 23:27:47,694 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,694 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,696 INFO L229 MonitoredProcess]: Starting monitored process 12 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,697 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (12)] Waiting until timeout for monitored process [2024-11-27 23:27:47,699 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,712 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,712 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,713 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,713 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,713 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,713 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,713 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,715 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,722 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (12)] Ended with exit code 0 [2024-11-27 23:27:47,722 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,723 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,725 INFO L229 MonitoredProcess]: Starting monitored process 13 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,726 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (13)] Waiting until timeout for monitored process [2024-11-27 23:27:47,728 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,741 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,741 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,741 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,742 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,742 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,742 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,742 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,744 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,752 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (13)] Ended with exit code 0 [2024-11-27 23:27:47,752 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,753 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,755 INFO L229 MonitoredProcess]: Starting monitored process 14 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,756 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (14)] Waiting until timeout for monitored process [2024-11-27 23:27:47,758 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,771 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,771 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,772 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,772 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,772 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,772 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,772 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,778 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,788 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (14)] Ended with exit code 0 [2024-11-27 23:27:47,788 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,788 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,790 INFO L229 MonitoredProcess]: Starting monitored process 15 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,792 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (15)] Waiting until timeout for monitored process [2024-11-27 23:27:47,793 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,807 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,807 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,807 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,807 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,807 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,808 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,808 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,810 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,817 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (15)] Ended with exit code 0 [2024-11-27 23:27:47,817 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,817 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,819 INFO L229 MonitoredProcess]: Starting monitored process 16 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,821 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (16)] Waiting until timeout for monitored process [2024-11-27 23:27:47,822 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,836 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,836 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,836 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,836 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,836 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,837 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,837 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,838 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,845 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (16)] Ended with exit code 0 [2024-11-27 23:27:47,846 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,846 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,848 INFO L229 MonitoredProcess]: Starting monitored process 17 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,850 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (17)] Waiting until timeout for monitored process [2024-11-27 23:27:47,851 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,864 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,864 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,864 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,864 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,865 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,866 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,866 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,869 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,879 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (17)] Ended with exit code 0 [2024-11-27 23:27:47,879 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,879 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,881 INFO L229 MonitoredProcess]: Starting monitored process 18 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,882 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (18)] Waiting until timeout for monitored process [2024-11-27 23:27:47,884 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,897 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,898 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,898 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,898 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,898 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,898 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,898 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,906 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,913 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (18)] Ended with exit code 0 [2024-11-27 23:27:47,914 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,914 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,916 INFO L229 MonitoredProcess]: Starting monitored process 19 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,917 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (19)] Waiting until timeout for monitored process [2024-11-27 23:27:47,919 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,934 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,934 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,934 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,934 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,934 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,935 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,935 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,937 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,944 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (19)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:47,944 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,944 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,946 INFO L229 MonitoredProcess]: Starting monitored process 20 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,948 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (20)] Waiting until timeout for monitored process [2024-11-27 23:27:47,949 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,962 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,962 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,963 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,963 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,963 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,963 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,963 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,965 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:47,972 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (20)] Ended with exit code 0 [2024-11-27 23:27:47,972 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:47,972 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:47,974 INFO L229 MonitoredProcess]: Starting monitored process 21 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:47,976 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (21)] Waiting until timeout for monitored process [2024-11-27 23:27:47,977 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:47,991 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:47,991 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:47,991 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:47,991 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:47,991 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:47,992 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:47,992 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:47,996 INFO L420 nArgumentSynthesizer]: Found a termination argument, trying to simplify. [2024-11-27 23:27:48,002 INFO L443 ModelExtractionUtils]: Simplification made 3 calls to the SMT solver. [2024-11-27 23:27:48,006 INFO L444 ModelExtractionUtils]: 0 out of 3 variables were initially zero. Simplification set additionally 1 variables to zero. [2024-11-27 23:27:48,007 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:48,008 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:48,012 INFO L229 MonitoredProcess]: Starting monitored process 22 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:48,013 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (22)] Waiting until timeout for monitored process [2024-11-27 23:27:48,014 INFO L435 nArgumentSynthesizer]: Simplifying supporting invariants... [2024-11-27 23:27:48,014 INFO L438 nArgumentSynthesizer]: Removed 0 redundant supporting invariants from a total of 0. [2024-11-27 23:27:48,014 INFO L474 LassoAnalysis]: Proved termination. [2024-11-27 23:27:48,015 INFO L476 LassoAnalysis]: Termination argument consisting of: Ranking function f(v_rep(select (select #memory_int#0 ULTIMATE.start_basename_~path#1.base) (+ ULTIMATE.start_basename_~path#1.offset 1))_1) = 1*v_rep(select (select #memory_int#0 ULTIMATE.start_basename_~path#1.base) (+ ULTIMATE.start_basename_~path#1.offset 1))_1 Supporting invariants [] [2024-11-27 23:27:48,022 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (21)] Ended with exit code 0 [2024-11-27 23:27:48,043 INFO L156 tatePredicateManager]: 4 out of 4 supporting invariants were superfluous and have been removed [2024-11-27 23:27:48,051 WARN L970 BoogieBacktranslator]: Unfinished Backtranslation: Unknown variable: #memory_int#0 [2024-11-27 23:27:48,051 WARN L970 BoogieBacktranslator]: Unfinished Backtranslation: Cannot backtranslate array access to array IdentifierExpression[#memory_int#0,GLOBAL] [2024-11-27 23:27:48,052 WARN L970 BoogieBacktranslator]: Unfinished Backtranslation: Cannot backtranslate array access to array ArrayAccessExpression[IdentifierExpression[#memory_int#0,GLOBAL],[IdentifierExpression[~path!base,]]] [2024-11-27 23:27:48,069 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:48,088 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:48,089 INFO L256 TraceCheckSpWp]: Trace formula consists of 39 conjuncts, 2 conjuncts are in the unsatisfiable core [2024-11-27 23:27:48,090 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:27:48,144 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:48,147 INFO L256 TraceCheckSpWp]: Trace formula consists of 111 conjuncts, 48 conjuncts are in the unsatisfiable core [2024-11-27 23:27:48,152 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:27:48,436 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (22)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:48,830 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 0 proven. 10 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-27 23:27:48,835 INFO L141 lantAutomatonBouncer]: Defining deterministic Buchi interpolant automaton with honda bouncer for stem and without honda bouncer for loop.1 stem predicates 10 loop predicates [2024-11-27 23:27:48,837 INFO L71 iDifferenceNCSBLazy3]: Start buchiDifferenceNCSBLazy3. First operand 20 states and 24 transitions. cyclomatic complexity: 5 Second operand has 11 states, 11 states have (on average 1.7272727272727273) internal successors, (19), 11 states have internal predecessors, (19), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:49,406 INFO L75 iDifferenceNCSBLazy3]: Finished buchiDifferenceNCSBLazy3. First operand 20 states and 24 transitions. cyclomatic complexity: 5. Second operand has 11 states, 11 states have (on average 1.7272727272727273) internal successors, (19), 11 states have internal predecessors, (19), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Result 90 states and 108 transitions. Complement of second has 25 states. [2024-11-27 23:27:49,409 INFO L141 InterpolantAutomaton]: Switched to read-only mode: Buchi interpolant automaton has 13 states 1 stem states 11 non-accepting loop states 1 accepting loop states [2024-11-27 23:27:49,411 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11 states, 11 states have (on average 1.7272727272727273) internal successors, (19), 11 states have internal predecessors, (19), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:49,411 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13 states to 13 states and 37 transitions. [2024-11-27 23:27:49,419 INFO L84 BuchiAccepts]: Start buchiAccepts Operand 13 states and 37 transitions. Stem has 3 letters. Loop has 17 letters. [2024-11-27 23:27:49,421 INFO L116 BuchiAccepts]: Finished buchiAccepts. [2024-11-27 23:27:49,421 INFO L84 BuchiAccepts]: Start buchiAccepts Operand 13 states and 37 transitions. Stem has 20 letters. Loop has 17 letters. [2024-11-27 23:27:49,422 INFO L116 BuchiAccepts]: Finished buchiAccepts. [2024-11-27 23:27:49,423 INFO L84 BuchiAccepts]: Start buchiAccepts Operand 13 states and 37 transitions. Stem has 3 letters. Loop has 34 letters. [2024-11-27 23:27:49,423 INFO L116 BuchiAccepts]: Finished buchiAccepts. [2024-11-27 23:27:49,424 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 90 states and 108 transitions. [2024-11-27 23:27:49,429 INFO L131 ngComponentsAnalysis]: Automaton has 4 accepting balls. 31 [2024-11-27 23:27:49,430 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 90 states to 68 states and 81 transitions. [2024-11-27 23:27:49,432 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 50 [2024-11-27 23:27:49,432 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 51 [2024-11-27 23:27:49,433 INFO L73 IsDeterministic]: Start isDeterministic. Operand 68 states and 81 transitions. [2024-11-27 23:27:49,433 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:27:49,433 INFO L218 hiAutomatonCegarLoop]: Abstraction has 68 states and 81 transitions. [2024-11-27 23:27:49,433 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states and 81 transitions. [2024-11-27 23:27:49,436 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 42. [2024-11-27 23:27:49,438 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 42 states, 42 states have (on average 1.1904761904761905) internal successors, (50), 41 states have internal predecessors, (50), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:49,439 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 42 states to 42 states and 50 transitions. [2024-11-27 23:27:49,439 INFO L240 hiAutomatonCegarLoop]: Abstraction has 42 states and 50 transitions. [2024-11-27 23:27:49,439 INFO L425 stractBuchiCegarLoop]: Abstraction has 42 states and 50 transitions. [2024-11-27 23:27:49,439 INFO L332 stractBuchiCegarLoop]: ======== Iteration 6 ============ [2024-11-27 23:27:49,440 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 42 states and 50 transitions. [2024-11-27 23:27:49,441 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 17 [2024-11-27 23:27:49,445 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:27:49,445 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:27:49,446 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [1, 1, 1, 1, 1, 1] [2024-11-27 23:27:49,446 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [1, 1, 1, 1] [2024-11-27 23:27:49,446 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" [2024-11-27 23:27:49,446 INFO L749 eck$LassoCheckResult]: Loop: "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" [2024-11-27 23:27:49,447 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:49,447 INFO L85 PathProgramCache]: Analyzing trace with hash 889568330, now seen corresponding path program 1 times [2024-11-27 23:27:49,447 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:49,447 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1524583910] [2024-11-27 23:27:49,447 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:49,447 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:49,474 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:49,477 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:49,493 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:49,499 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:49,500 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:49,500 INFO L85 PathProgramCache]: Analyzing trace with hash 1543787, now seen corresponding path program 1 times [2024-11-27 23:27:49,500 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:49,500 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1742704835] [2024-11-27 23:27:49,500 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:49,500 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:49,511 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:49,511 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:49,514 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:49,518 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:49,523 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:49,523 INFO L85 PathProgramCache]: Analyzing trace with hash -2015101388, now seen corresponding path program 1 times [2024-11-27 23:27:49,523 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:49,523 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [112731739] [2024-11-27 23:27:49,523 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:49,524 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:49,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:49,551 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:49,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:49,574 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:50,198 INFO L204 LassoAnalysis]: Preferences: [2024-11-27 23:27:50,198 INFO L125 ssoRankerPreferences]: Compute integeral hull: false [2024-11-27 23:27:50,198 INFO L126 ssoRankerPreferences]: Enable LassoPartitioneer: true [2024-11-27 23:27:50,198 INFO L127 ssoRankerPreferences]: Term annotations enabled: false [2024-11-27 23:27:50,199 INFO L128 ssoRankerPreferences]: Use exernal solver: false [2024-11-27 23:27:50,199 INFO L129 ssoRankerPreferences]: SMT solver command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:50,199 INFO L130 ssoRankerPreferences]: Dump SMT script to file: false [2024-11-27 23:27:50,199 INFO L131 ssoRankerPreferences]: Path of dumped script: [2024-11-27 23:27:50,199 INFO L132 ssoRankerPreferences]: Filename of dumped script: basename-3.i_Iteration6_Lasso [2024-11-27 23:27:50,199 INFO L133 ssoRankerPreferences]: MapElimAlgo: Frank [2024-11-27 23:27:50,199 INFO L241 LassoAnalysis]: Starting lasso preprocessing... [2024-11-27 23:27:50,202 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,209 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,212 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,216 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,219 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,222 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,224 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,228 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,231 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,235 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,241 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,244 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,249 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,461 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,464 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,467 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,470 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,473 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,475 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,478 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,482 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,484 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,487 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,490 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:50,871 INFO L259 LassoAnalysis]: Preprocessing complete. [2024-11-27 23:27:50,871 INFO L451 LassoAnalysis]: Using template 'affine'. [2024-11-27 23:27:50,871 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:50,871 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:50,874 INFO L229 MonitoredProcess]: Starting monitored process 23 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:50,878 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (23)] Waiting until timeout for monitored process [2024-11-27 23:27:50,881 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:50,900 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:50,901 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:50,901 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:50,901 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:50,901 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:50,902 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:50,902 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:50,904 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:50,916 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (23)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:50,916 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:50,916 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:50,919 INFO L229 MonitoredProcess]: Starting monitored process 24 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:50,922 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (24)] Waiting until timeout for monitored process [2024-11-27 23:27:50,926 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:50,944 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:50,944 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:50,944 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:50,944 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:50,945 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:50,945 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:50,945 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:50,947 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:50,959 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (24)] Ended with exit code 0 [2024-11-27 23:27:50,959 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:50,959 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:50,962 INFO L229 MonitoredProcess]: Starting monitored process 25 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:50,966 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (25)] Waiting until timeout for monitored process [2024-11-27 23:27:50,967 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:50,985 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:50,985 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:50,985 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:50,985 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:50,990 INFO L401 nArgumentSynthesizer]: We have 6 Motzkin's Theorem applications. [2024-11-27 23:27:50,990 INFO L402 nArgumentSynthesizer]: A total of 2 supporting invariants were added. [2024-11-27 23:27:50,996 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:51,007 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (25)] Ended with exit code 0 [2024-11-27 23:27:51,007 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,008 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,010 INFO L229 MonitoredProcess]: Starting monitored process 26 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,014 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:51,015 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (26)] Waiting until timeout for monitored process [2024-11-27 23:27:51,033 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:51,033 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:51,033 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:51,033 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:51,033 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:51,034 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:51,034 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:51,038 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:51,049 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (26)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:51,049 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,049 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,051 INFO L229 MonitoredProcess]: Starting monitored process 27 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,052 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (27)] Waiting until timeout for monitored process [2024-11-27 23:27:51,054 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:51,068 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:51,068 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:51,068 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:51,068 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:51,068 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:51,068 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:51,069 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:51,070 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:51,081 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (27)] Ended with exit code 0 [2024-11-27 23:27:51,082 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,082 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,083 INFO L229 MonitoredProcess]: Starting monitored process 28 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,085 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (28)] Waiting until timeout for monitored process [2024-11-27 23:27:51,086 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:51,100 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:51,100 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:51,100 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:51,100 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:51,100 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:51,100 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:51,100 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:51,102 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:51,109 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (28)] Ended with exit code 0 [2024-11-27 23:27:51,109 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,109 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,112 INFO L229 MonitoredProcess]: Starting monitored process 29 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,113 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (29)] Waiting until timeout for monitored process [2024-11-27 23:27:51,114 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:51,128 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:51,128 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:51,128 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:51,128 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:51,128 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:51,129 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:51,129 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:51,130 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:51,137 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (29)] Ended with exit code 0 [2024-11-27 23:27:51,138 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,138 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,140 INFO L229 MonitoredProcess]: Starting monitored process 30 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,143 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (30)] Waiting until timeout for monitored process [2024-11-27 23:27:51,144 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:51,162 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:51,162 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:51,162 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:51,162 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:51,162 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:51,164 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:51,164 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:51,168 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:51,176 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (30)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:51,176 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,176 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,178 INFO L229 MonitoredProcess]: Starting monitored process 31 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,180 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (31)] Waiting until timeout for monitored process [2024-11-27 23:27:51,181 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:51,194 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:51,194 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:51,194 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:51,194 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:51,194 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:51,195 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:51,195 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:51,197 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:51,203 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (31)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:51,203 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,203 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,205 INFO L229 MonitoredProcess]: Starting monitored process 32 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,207 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (32)] Waiting until timeout for monitored process [2024-11-27 23:27:51,208 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:51,221 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:51,221 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:51,221 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:51,221 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:51,221 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:51,221 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:51,221 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:51,225 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:51,235 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (32)] Ended with exit code 0 [2024-11-27 23:27:51,236 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,236 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,238 INFO L229 MonitoredProcess]: Starting monitored process 33 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,241 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (33)] Waiting until timeout for monitored process [2024-11-27 23:27:51,242 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:51,260 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:51,260 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:51,260 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:51,260 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:51,260 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:51,262 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:51,262 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:51,265 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:51,277 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (33)] Ended with exit code 0 [2024-11-27 23:27:51,277 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,278 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,280 INFO L229 MonitoredProcess]: Starting monitored process 34 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,283 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (34)] Waiting until timeout for monitored process [2024-11-27 23:27:51,285 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:51,303 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:51,303 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:51,303 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:51,303 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:51,305 INFO L401 nArgumentSynthesizer]: We have 6 Motzkin's Theorem applications. [2024-11-27 23:27:51,305 INFO L402 nArgumentSynthesizer]: A total of 2 supporting invariants were added. [2024-11-27 23:27:51,311 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:51,322 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (34)] Ended with exit code 0 [2024-11-27 23:27:51,322 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,322 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,325 INFO L229 MonitoredProcess]: Starting monitored process 35 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,326 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (35)] Waiting until timeout for monitored process [2024-11-27 23:27:51,328 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:51,341 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:51,342 INFO L203 nArgumentSynthesizer]: 2 stem disjuncts [2024-11-27 23:27:51,342 INFO L204 nArgumentSynthesizer]: 4 loop disjuncts [2024-11-27 23:27:51,342 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:51,376 INFO L401 nArgumentSynthesizer]: We have 56 Motzkin's Theorem applications. [2024-11-27 23:27:51,376 INFO L402 nArgumentSynthesizer]: A total of 8 supporting invariants were added. [2024-11-27 23:27:51,434 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:51,444 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (35)] Ended with exit code 0 [2024-11-27 23:27:51,445 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,445 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,447 INFO L229 MonitoredProcess]: Starting monitored process 36 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,451 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (36)] Waiting until timeout for monitored process [2024-11-27 23:27:51,452 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:51,469 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:51,469 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:51,469 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:51,469 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:51,475 INFO L401 nArgumentSynthesizer]: We have 6 Motzkin's Theorem applications. [2024-11-27 23:27:51,475 INFO L402 nArgumentSynthesizer]: A total of 2 supporting invariants were added. [2024-11-27 23:27:51,488 INFO L420 nArgumentSynthesizer]: Found a termination argument, trying to simplify. [2024-11-27 23:27:51,536 INFO L443 ModelExtractionUtils]: Simplification made 15 calls to the SMT solver. [2024-11-27 23:27:51,536 INFO L444 ModelExtractionUtils]: 5 out of 16 variables were initially zero. Simplification set additionally 8 variables to zero. [2024-11-27 23:27:51,537 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:51,537 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:51,539 INFO L229 MonitoredProcess]: Starting monitored process 37 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:51,542 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (37)] Waiting until timeout for monitored process [2024-11-27 23:27:51,543 INFO L435 nArgumentSynthesizer]: Simplifying supporting invariants... [2024-11-27 23:27:51,558 INFO L438 nArgumentSynthesizer]: Removed 2 redundant supporting invariants from a total of 2. [2024-11-27 23:27:51,558 INFO L474 LassoAnalysis]: Proved termination. [2024-11-27 23:27:51,558 INFO L476 LassoAnalysis]: Termination argument consisting of: Ranking function f(ULTIMATE.start_strrchr_~t#1.offset, v_rep(select #length ULTIMATE.start_main_#t~malloc8#1.base)_2) = -1*ULTIMATE.start_strrchr_~t#1.offset + 1*v_rep(select #length ULTIMATE.start_main_#t~malloc8#1.base)_2 Supporting invariants [] [2024-11-27 23:27:51,564 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (36)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:51,574 INFO L156 tatePredicateManager]: 2 out of 3 supporting invariants were superfluous and have been removed [2024-11-27 23:27:51,576 WARN L970 BoogieBacktranslator]: Unfinished Backtranslation: Unknown variable: #length [2024-11-27 23:27:51,577 WARN L970 BoogieBacktranslator]: Unfinished Backtranslation: Cannot backtranslate array access to array IdentifierExpression[#length,GLOBAL] [2024-11-27 23:27:51,578 WARN L970 BoogieBacktranslator]: Unfinished Backtranslation: Unknown variable: ~t!offset [2024-11-27 23:27:51,603 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:51,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:51,629 INFO L256 TraceCheckSpWp]: Trace formula consists of 64 conjuncts, 12 conjuncts are in the unsatisfiable core [2024-11-27 23:27:51,630 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:27:51,673 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (37)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:51,698 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:51,699 INFO L256 TraceCheckSpWp]: Trace formula consists of 22 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-27 23:27:51,699 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:27:51,770 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-27 23:27:51,771 INFO L141 lantAutomatonBouncer]: Defining deterministic Buchi interpolant automaton with honda bouncer for stem and without honda bouncer for loop.3 stem predicates 3 loop predicates [2024-11-27 23:27:51,771 INFO L71 iDifferenceNCSBLazy3]: Start buchiDifferenceNCSBLazy3. First operand 42 states and 50 transitions. cyclomatic complexity: 10 Second operand has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 6 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:51,880 INFO L75 iDifferenceNCSBLazy3]: Finished buchiDifferenceNCSBLazy3. First operand 42 states and 50 transitions. cyclomatic complexity: 10. Second operand has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 6 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Result 100 states and 119 transitions. Complement of second has 7 states. [2024-11-27 23:27:51,881 INFO L141 InterpolantAutomaton]: Switched to read-only mode: Buchi interpolant automaton has 5 states 3 stem states 1 non-accepting loop states 1 accepting loop states [2024-11-27 23:27:51,882 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 1.6666666666666667) internal successors, (10), 6 states have internal predecessors, (10), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:51,882 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 16 transitions. [2024-11-27 23:27:51,882 INFO L84 BuchiAccepts]: Start buchiAccepts Operand 5 states and 16 transitions. Stem has 6 letters. Loop has 4 letters. [2024-11-27 23:27:51,883 INFO L116 BuchiAccepts]: Finished buchiAccepts. [2024-11-27 23:27:51,883 INFO L84 BuchiAccepts]: Start buchiAccepts Operand 5 states and 16 transitions. Stem has 10 letters. Loop has 4 letters. [2024-11-27 23:27:51,883 INFO L116 BuchiAccepts]: Finished buchiAccepts. [2024-11-27 23:27:51,883 INFO L84 BuchiAccepts]: Start buchiAccepts Operand 5 states and 16 transitions. Stem has 6 letters. Loop has 8 letters. [2024-11-27 23:27:51,884 INFO L116 BuchiAccepts]: Finished buchiAccepts. [2024-11-27 23:27:51,884 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 100 states and 119 transitions. [2024-11-27 23:27:51,886 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 21 [2024-11-27 23:27:51,887 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 100 states to 92 states and 110 transitions. [2024-11-27 23:27:51,887 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 44 [2024-11-27 23:27:51,887 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 46 [2024-11-27 23:27:51,887 INFO L73 IsDeterministic]: Start isDeterministic. Operand 92 states and 110 transitions. [2024-11-27 23:27:51,888 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:27:51,888 INFO L218 hiAutomatonCegarLoop]: Abstraction has 92 states and 110 transitions. [2024-11-27 23:27:51,888 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 92 states and 110 transitions. [2024-11-27 23:27:51,892 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 92 to 87. [2024-11-27 23:27:51,893 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 87 states, 87 states have (on average 1.206896551724138) internal successors, (105), 86 states have internal predecessors, (105), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:51,894 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 105 transitions. [2024-11-27 23:27:51,894 INFO L240 hiAutomatonCegarLoop]: Abstraction has 87 states and 105 transitions. [2024-11-27 23:27:51,894 INFO L425 stractBuchiCegarLoop]: Abstraction has 87 states and 105 transitions. [2024-11-27 23:27:51,894 INFO L332 stractBuchiCegarLoop]: ======== Iteration 7 ============ [2024-11-27 23:27:51,894 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 87 states and 105 transitions. [2024-11-27 23:27:51,895 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 21 [2024-11-27 23:27:51,896 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:27:51,896 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:27:51,896 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [3, 3, 2, 2, 1, 1, 1, 1] [2024-11-27 23:27:51,896 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [1, 1, 1, 1] [2024-11-27 23:27:51,897 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" [2024-11-27 23:27:51,897 INFO L749 eck$LassoCheckResult]: Loop: "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" [2024-11-27 23:27:51,897 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:51,897 INFO L85 PathProgramCache]: Analyzing trace with hash -1275711976, now seen corresponding path program 1 times [2024-11-27 23:27:51,897 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:51,897 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1824689607] [2024-11-27 23:27:51,898 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:51,898 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:51,914 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:51,915 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:51,926 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:51,930 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:51,930 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:51,931 INFO L85 PathProgramCache]: Analyzing trace with hash 1543785, now seen corresponding path program 1 times [2024-11-27 23:27:51,931 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:51,931 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1087166886] [2024-11-27 23:27:51,931 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:51,931 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:51,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:51,936 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:51,939 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:51,941 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:51,942 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:51,942 INFO L85 PathProgramCache]: Analyzing trace with hash 1384831232, now seen corresponding path program 2 times [2024-11-27 23:27:51,942 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:51,942 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1197064742] [2024-11-27 23:27:51,942 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:51,942 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:51,962 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:51,962 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:51,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:51,979 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:53,011 INFO L204 LassoAnalysis]: Preferences: [2024-11-27 23:27:53,011 INFO L125 ssoRankerPreferences]: Compute integeral hull: false [2024-11-27 23:27:53,012 INFO L126 ssoRankerPreferences]: Enable LassoPartitioneer: true [2024-11-27 23:27:53,012 INFO L127 ssoRankerPreferences]: Term annotations enabled: false [2024-11-27 23:27:53,012 INFO L128 ssoRankerPreferences]: Use exernal solver: false [2024-11-27 23:27:53,012 INFO L129 ssoRankerPreferences]: SMT solver command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:53,012 INFO L130 ssoRankerPreferences]: Dump SMT script to file: false [2024-11-27 23:27:53,012 INFO L131 ssoRankerPreferences]: Path of dumped script: [2024-11-27 23:27:53,012 INFO L132 ssoRankerPreferences]: Filename of dumped script: basename-3.i_Iteration7_Lasso [2024-11-27 23:27:53,012 INFO L133 ssoRankerPreferences]: MapElimAlgo: Frank [2024-11-27 23:27:53,012 INFO L241 LassoAnalysis]: Starting lasso preprocessing... [2024-11-27 23:27:53,020 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,023 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,341 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,345 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,348 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,351 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,353 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,356 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,359 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,366 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,374 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,377 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,380 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,383 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,386 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,389 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,391 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,394 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,397 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,400 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,403 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,406 INFO L118 MapEliminator]: Using MapEliminator with SimplificationTechnique=SIMPLIFY_DDA AddInequalities=false OnlyTrivialImplicationsArrayWrite=true OnlyTrivialImplicationsForModifiedArguments=true OnlyArgumentsInFormula=true [2024-11-27 23:27:53,757 INFO L259 LassoAnalysis]: Preprocessing complete. [2024-11-27 23:27:53,758 INFO L451 LassoAnalysis]: Using template 'affine'. [2024-11-27 23:27:53,758 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:53,758 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:53,763 INFO L229 MonitoredProcess]: Starting monitored process 38 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:53,766 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (38)] Waiting until timeout for monitored process [2024-11-27 23:27:53,767 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:53,785 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:53,786 INFO L351 nArgumentSynthesizer]: There is no stem transition; disabling supporting invariant generation. [2024-11-27 23:27:53,786 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:53,786 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:53,786 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:53,787 INFO L401 nArgumentSynthesizer]: We have 2 Motzkin's Theorem applications. [2024-11-27 23:27:53,787 INFO L402 nArgumentSynthesizer]: A total of 0 supporting invariants were added. [2024-11-27 23:27:53,789 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:53,801 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (38)] Ended with exit code 0 [2024-11-27 23:27:53,802 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:53,802 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:53,805 INFO L229 MonitoredProcess]: Starting monitored process 39 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:53,808 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (39)] Waiting until timeout for monitored process [2024-11-27 23:27:53,811 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:53,829 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:53,829 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:53,829 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:53,829 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:53,834 INFO L401 nArgumentSynthesizer]: We have 6 Motzkin's Theorem applications. [2024-11-27 23:27:53,834 INFO L402 nArgumentSynthesizer]: A total of 2 supporting invariants were added. [2024-11-27 23:27:53,842 INFO L488 LassoAnalysis]: Proving termination failed for this template and these settings. [2024-11-27 23:27:53,850 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (39)] Ended with exit code 0 [2024-11-27 23:27:53,850 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:53,851 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:53,853 INFO L229 MonitoredProcess]: Starting monitored process 40 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:53,855 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (40)] Waiting until timeout for monitored process [2024-11-27 23:27:53,857 INFO L120 nArgumentSynthesizer]: Termination Analysis Settings: Termination analysis: LINEAR_WITH_GUESSESNumber of strict supporting invariants: 0Number of non-strict supporting invariants: 1Consider only non-deceasing supporting invariants: trueSimplify termination arguments: trueSimplify supporting invariants: trueOverapproximate stem: false [2024-11-27 23:27:53,871 INFO L338 nArgumentSynthesizer]: Template has degree 0. [2024-11-27 23:27:53,871 INFO L203 nArgumentSynthesizer]: 1 stem disjuncts [2024-11-27 23:27:53,871 INFO L204 nArgumentSynthesizer]: 1 loop disjuncts [2024-11-27 23:27:53,871 INFO L205 nArgumentSynthesizer]: 2 template conjuncts. [2024-11-27 23:27:53,879 INFO L401 nArgumentSynthesizer]: We have 6 Motzkin's Theorem applications. [2024-11-27 23:27:53,879 INFO L402 nArgumentSynthesizer]: A total of 2 supporting invariants were added. [2024-11-27 23:27:53,896 INFO L420 nArgumentSynthesizer]: Found a termination argument, trying to simplify. [2024-11-27 23:27:53,919 INFO L443 ModelExtractionUtils]: Simplification made 10 calls to the SMT solver. [2024-11-27 23:27:53,919 INFO L444 ModelExtractionUtils]: 3 out of 19 variables were initially zero. Simplification set additionally 13 variables to zero. [2024-11-27 23:27:53,920 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 [2024-11-27 23:27:53,920 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:53,922 INFO L229 MonitoredProcess]: Starting monitored process 41 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (exit command is (exit), workingDir is null) [2024-11-27 23:27:53,923 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (41)] Waiting until timeout for monitored process [2024-11-27 23:27:53,924 INFO L435 nArgumentSynthesizer]: Simplifying supporting invariants... [2024-11-27 23:27:53,938 INFO L438 nArgumentSynthesizer]: Removed 2 redundant supporting invariants from a total of 2. [2024-11-27 23:27:53,939 INFO L474 LassoAnalysis]: Proved termination. [2024-11-27 23:27:53,939 INFO L476 LassoAnalysis]: Termination argument consisting of: Ranking function f(ULTIMATE.start_strrchr_~t#1.offset, v_rep(select #length ULTIMATE.start_main_#t~malloc8#1.base)_3) = -1*ULTIMATE.start_strrchr_~t#1.offset + 1*v_rep(select #length ULTIMATE.start_main_#t~malloc8#1.base)_3 Supporting invariants [] [2024-11-27 23:27:53,946 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (40)] Forceful destruction successful, exit code 0 [2024-11-27 23:27:53,958 INFO L156 tatePredicateManager]: 3 out of 4 supporting invariants were superfluous and have been removed [2024-11-27 23:27:53,960 WARN L970 BoogieBacktranslator]: Unfinished Backtranslation: Unknown variable: #length [2024-11-27 23:27:53,960 WARN L970 BoogieBacktranslator]: Unfinished Backtranslation: Cannot backtranslate array access to array IdentifierExpression[#length,GLOBAL] [2024-11-27 23:27:53,960 WARN L970 BoogieBacktranslator]: Unfinished Backtranslation: Unknown variable: ~t!offset [2024-11-27 23:27:53,994 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:54,033 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:54,036 INFO L256 TraceCheckSpWp]: Trace formula consists of 115 conjuncts, 16 conjuncts are in the unsatisfiable core [2024-11-27 23:27:54,037 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:27:54,119 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:54,120 INFO L256 TraceCheckSpWp]: Trace formula consists of 27 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-27 23:27:54,121 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:27:54,175 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 SMTLIB2_COMPLIANT=true -memory:1024 -smt2 -in -t:12000 (41)] Ended with exit code 0 [2024-11-27 23:27:54,204 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-27 23:27:54,204 INFO L141 lantAutomatonBouncer]: Defining deterministic Buchi interpolant automaton with honda bouncer for stem and without honda bouncer for loop.3 stem predicates 3 loop predicates [2024-11-27 23:27:54,204 INFO L71 iDifferenceNCSBLazy3]: Start buchiDifferenceNCSBLazy3. First operand 87 states and 105 transitions. cyclomatic complexity: 24 Second operand has 6 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 6 states have internal predecessors, (13), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:54,284 INFO L75 iDifferenceNCSBLazy3]: Finished buchiDifferenceNCSBLazy3. First operand 87 states and 105 transitions. cyclomatic complexity: 24. Second operand has 6 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 6 states have internal predecessors, (13), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Result 135 states and 169 transitions. Complement of second has 7 states. [2024-11-27 23:27:54,286 INFO L141 InterpolantAutomaton]: Switched to read-only mode: Buchi interpolant automaton has 5 states 3 stem states 1 non-accepting loop states 1 accepting loop states [2024-11-27 23:27:54,286 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6 states, 6 states have (on average 2.1666666666666665) internal successors, (13), 6 states have internal predecessors, (13), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:54,287 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5 states to 5 states and 16 transitions. [2024-11-27 23:27:54,287 INFO L84 BuchiAccepts]: Start buchiAccepts Operand 5 states and 16 transitions. Stem has 14 letters. Loop has 4 letters. [2024-11-27 23:27:54,287 INFO L116 BuchiAccepts]: Finished buchiAccepts. [2024-11-27 23:27:54,287 INFO L84 BuchiAccepts]: Start buchiAccepts Operand 5 states and 16 transitions. Stem has 18 letters. Loop has 4 letters. [2024-11-27 23:27:54,287 INFO L116 BuchiAccepts]: Finished buchiAccepts. [2024-11-27 23:27:54,287 INFO L84 BuchiAccepts]: Start buchiAccepts Operand 5 states and 16 transitions. Stem has 14 letters. Loop has 8 letters. [2024-11-27 23:27:54,288 INFO L116 BuchiAccepts]: Finished buchiAccepts. [2024-11-27 23:27:54,288 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 135 states and 169 transitions. [2024-11-27 23:27:54,290 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 17 [2024-11-27 23:27:54,291 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 135 states to 104 states and 125 transitions. [2024-11-27 23:27:54,292 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 34 [2024-11-27 23:27:54,292 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 36 [2024-11-27 23:27:54,292 INFO L73 IsDeterministic]: Start isDeterministic. Operand 104 states and 125 transitions. [2024-11-27 23:27:54,292 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:27:54,292 INFO L218 hiAutomatonCegarLoop]: Abstraction has 104 states and 125 transitions. [2024-11-27 23:27:54,293 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 104 states and 125 transitions. [2024-11-27 23:27:54,296 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 104 to 73. [2024-11-27 23:27:54,297 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 73 states, 73 states have (on average 1.1917808219178083) internal successors, (87), 72 states have internal predecessors, (87), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:54,298 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 73 states to 73 states and 87 transitions. [2024-11-27 23:27:54,298 INFO L240 hiAutomatonCegarLoop]: Abstraction has 73 states and 87 transitions. [2024-11-27 23:27:54,298 INFO L425 stractBuchiCegarLoop]: Abstraction has 73 states and 87 transitions. [2024-11-27 23:27:54,298 INFO L332 stractBuchiCegarLoop]: ======== Iteration 8 ============ [2024-11-27 23:27:54,298 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 73 states and 87 transitions. [2024-11-27 23:27:54,299 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 17 [2024-11-27 23:27:54,299 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:27:54,299 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:27:54,300 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [3, 3, 2, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:27:54,300 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [3, 3, 2, 2, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:27:54,300 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:27:54,300 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:27:54,301 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:54,301 INFO L85 PathProgramCache]: Analyzing trace with hash -1192462433, now seen corresponding path program 1 times [2024-11-27 23:27:54,301 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:54,301 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1464304641] [2024-11-27 23:27:54,301 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:54,301 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:54,316 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:54,316 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:54,326 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:54,329 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:54,330 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:54,330 INFO L85 PathProgramCache]: Analyzing trace with hash 1174064022, now seen corresponding path program 2 times [2024-11-27 23:27:54,330 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:54,330 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1377899763] [2024-11-27 23:27:54,330 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:54,330 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:54,341 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:54,342 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:54,349 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:54,353 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:54,353 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:54,353 INFO L85 PathProgramCache]: Analyzing trace with hash 615826360, now seen corresponding path program 2 times [2024-11-27 23:27:54,353 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:54,354 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1715089343] [2024-11-27 23:27:54,354 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:54,354 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:54,394 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:55,601 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:27:55,602 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1715089343] [2024-11-27 23:27:55,602 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1715089343] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:27:55,602 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [993470486] [2024-11-27 23:27:55,602 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:55,602 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:27:55,602 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:55,604 INFO L229 MonitoredProcess]: Starting monitored process 42 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:27:55,607 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (42)] Waiting until timeout for monitored process [2024-11-27 23:27:55,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:55,710 INFO L256 TraceCheckSpWp]: Trace formula consists of 226 conjuncts, 61 conjuncts are in the unsatisfiable core [2024-11-27 23:27:55,713 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:27:55,818 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:27:55,946 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:27:55,946 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:27:55,985 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:27:56,203 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:27:56,204 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:27:56,673 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [993470486] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:27:56,673 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:27:56,673 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 14, 14] total 29 [2024-11-27 23:27:56,673 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1461265682] [2024-11-27 23:27:56,673 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:27:57,234 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:27:57,234 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 29 interpolants. [2024-11-27 23:27:57,235 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=83, Invalid=729, Unknown=0, NotChecked=0, Total=812 [2024-11-27 23:27:57,235 INFO L87 Difference]: Start difference. First operand 73 states and 87 transitions. cyclomatic complexity: 19 Second operand has 29 states, 29 states have (on average 2.0344827586206895) internal successors, (59), 29 states have internal predecessors, (59), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:58,742 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:27:58,743 INFO L93 Difference]: Finished difference Result 164 states and 191 transitions. [2024-11-27 23:27:58,743 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 164 states and 191 transitions. [2024-11-27 23:27:58,745 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 80 [2024-11-27 23:27:58,746 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 164 states to 158 states and 185 transitions. [2024-11-27 23:27:58,746 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 104 [2024-11-27 23:27:58,747 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 112 [2024-11-27 23:27:58,747 INFO L73 IsDeterministic]: Start isDeterministic. Operand 158 states and 185 transitions. [2024-11-27 23:27:58,747 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:27:58,747 INFO L218 hiAutomatonCegarLoop]: Abstraction has 158 states and 185 transitions. [2024-11-27 23:27:58,747 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states and 185 transitions. [2024-11-27 23:27:58,753 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 94. [2024-11-27 23:27:58,754 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 94 states, 94 states have (on average 1.2234042553191489) internal successors, (115), 93 states have internal predecessors, (115), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:27:58,759 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 94 states to 94 states and 115 transitions. [2024-11-27 23:27:58,760 INFO L240 hiAutomatonCegarLoop]: Abstraction has 94 states and 115 transitions. [2024-11-27 23:27:58,762 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2024-11-27 23:27:58,762 INFO L425 stractBuchiCegarLoop]: Abstraction has 94 states and 115 transitions. [2024-11-27 23:27:58,764 INFO L332 stractBuchiCegarLoop]: ======== Iteration 9 ============ [2024-11-27 23:27:58,765 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 94 states and 115 transitions. [2024-11-27 23:27:58,766 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 52 [2024-11-27 23:27:58,768 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:27:58,769 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:27:58,769 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [3, 3, 2, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:27:58,771 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [5, 5, 4, 3, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:27:58,771 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:27:58,771 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:27:58,772 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:58,772 INFO L85 PathProgramCache]: Analyzing trace with hash -1893527011, now seen corresponding path program 2 times [2024-11-27 23:27:58,772 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:58,772 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1851118770] [2024-11-27 23:27:58,772 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:58,773 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:58,803 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:58,803 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:58,817 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:58,824 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:58,829 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:58,830 INFO L85 PathProgramCache]: Analyzing trace with hash 1689447018, now seen corresponding path program 3 times [2024-11-27 23:27:58,830 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:58,830 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [843674986] [2024-11-27 23:27:58,833 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:58,834 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:58,856 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:58,856 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:27:58,866 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:27:58,870 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:27:58,870 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:27:58,870 INFO L85 PathProgramCache]: Analyzing trace with hash -1903349810, now seen corresponding path program 3 times [2024-11-27 23:27:58,870 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:27:58,871 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1817597678] [2024-11-27 23:27:58,871 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:58,871 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:27:58,897 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:59,843 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:27:59,844 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1817597678] [2024-11-27 23:27:59,844 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1817597678] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:27:59,844 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1491858266] [2024-11-27 23:27:59,844 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:27:59,844 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:27:59,845 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:27:59,848 INFO L229 MonitoredProcess]: Starting monitored process 43 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:27:59,851 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (43)] Waiting until timeout for monitored process [2024-11-27 23:27:59,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:27:59,985 INFO L256 TraceCheckSpWp]: Trace formula consists of 267 conjuncts, 53 conjuncts are in the unsatisfiable core [2024-11-27 23:27:59,989 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:28:00,090 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:28:00,146 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:28:00,177 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:28:00,271 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1491858266] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:28:00,271 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:28:00,271 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 11, 11] total 17 [2024-11-27 23:28:00,271 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1683905589] [2024-11-27 23:28:00,272 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:28:01,211 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:28:01,212 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2024-11-27 23:28:01,212 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=236, Unknown=0, NotChecked=0, Total=272 [2024-11-27 23:28:01,212 INFO L87 Difference]: Start difference. First operand 94 states and 115 transitions. cyclomatic complexity: 27 Second operand has 17 states, 17 states have (on average 2.8823529411764706) internal successors, (49), 17 states have internal predecessors, (49), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:01,574 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:28:01,574 INFO L93 Difference]: Finished difference Result 115 states and 139 transitions. [2024-11-27 23:28:01,575 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 115 states and 139 transitions. [2024-11-27 23:28:01,576 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 33 [2024-11-27 23:28:01,578 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 115 states to 80 states and 97 transitions. [2024-11-27 23:28:01,582 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 44 [2024-11-27 23:28:01,582 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 44 [2024-11-27 23:28:01,583 INFO L73 IsDeterministic]: Start isDeterministic. Operand 80 states and 97 transitions. [2024-11-27 23:28:01,584 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:28:01,584 INFO L218 hiAutomatonCegarLoop]: Abstraction has 80 states and 97 transitions. [2024-11-27 23:28:01,584 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states and 97 transitions. [2024-11-27 23:28:01,587 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 42. [2024-11-27 23:28:01,587 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 42 states, 42 states have (on average 1.2380952380952381) internal successors, (52), 41 states have internal predecessors, (52), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:01,588 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 42 states to 42 states and 52 transitions. [2024-11-27 23:28:01,588 INFO L240 hiAutomatonCegarLoop]: Abstraction has 42 states and 52 transitions. [2024-11-27 23:28:01,588 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2024-11-27 23:28:01,589 INFO L425 stractBuchiCegarLoop]: Abstraction has 42 states and 52 transitions. [2024-11-27 23:28:01,589 INFO L332 stractBuchiCegarLoop]: ======== Iteration 10 ============ [2024-11-27 23:28:01,589 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 42 states and 52 transitions. [2024-11-27 23:28:01,591 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 21 [2024-11-27 23:28:01,591 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:28:01,592 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:28:01,593 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [4, 4, 3, 3, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:01,593 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [4, 4, 3, 3, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:01,593 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:01,593 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:01,594 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:01,594 INFO L85 PathProgramCache]: Analyzing trace with hash -1195844343, now seen corresponding path program 3 times [2024-11-27 23:28:01,594 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:01,594 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1934753513] [2024-11-27 23:28:01,595 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:01,595 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:01,617 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:01,617 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:01,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:01,635 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:01,635 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:01,638 INFO L85 PathProgramCache]: Analyzing trace with hash -2076903426, now seen corresponding path program 4 times [2024-11-27 23:28:01,638 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:01,638 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1935100060] [2024-11-27 23:28:01,638 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:01,638 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:01,652 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:01,652 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:01,666 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:01,669 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:01,670 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:01,672 INFO L85 PathProgramCache]: Analyzing trace with hash -1798959114, now seen corresponding path program 4 times [2024-11-27 23:28:01,672 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:01,672 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [421794263] [2024-11-27 23:28:01,673 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:01,673 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:01,707 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:02,686 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:28:02,687 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [421794263] [2024-11-27 23:28:02,687 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [421794263] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:28:02,687 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [679154990] [2024-11-27 23:28:02,688 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:02,688 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:28:02,688 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:28:02,693 INFO L229 MonitoredProcess]: Starting monitored process 44 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:28:02,697 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (44)] Waiting until timeout for monitored process [2024-11-27 23:28:02,829 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:02,831 INFO L256 TraceCheckSpWp]: Trace formula consists of 267 conjuncts, 83 conjuncts are in the unsatisfiable core [2024-11-27 23:28:02,835 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:28:03,259 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 11 treesize of output 7 [2024-11-27 23:28:03,581 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:28:04,310 INFO L349 Elim1Store]: treesize reduction 8, result has 68.0 percent of original size [2024-11-27 23:28:04,311 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 145 treesize of output 133 [2024-11-27 23:28:04,935 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [679154990] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:28:04,936 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:28:04,936 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 17, 18] total 49 [2024-11-27 23:28:04,936 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [540109718] [2024-11-27 23:28:04,936 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:28:05,624 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:28:05,625 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 49 interpolants. [2024-11-27 23:28:05,626 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=179, Invalid=2173, Unknown=0, NotChecked=0, Total=2352 [2024-11-27 23:28:05,626 INFO L87 Difference]: Start difference. First operand 42 states and 52 transitions. cyclomatic complexity: 13 Second operand has 49 states, 49 states have (on average 2.2244897959183674) internal successors, (109), 49 states have internal predecessors, (109), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:08,305 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:28:08,306 INFO L93 Difference]: Finished difference Result 171 states and 203 transitions. [2024-11-27 23:28:08,306 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 171 states and 203 transitions. [2024-11-27 23:28:08,307 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 117 [2024-11-27 23:28:08,308 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 171 states to 171 states and 203 transitions. [2024-11-27 23:28:08,309 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 135 [2024-11-27 23:28:08,309 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 135 [2024-11-27 23:28:08,309 INFO L73 IsDeterministic]: Start isDeterministic. Operand 171 states and 203 transitions. [2024-11-27 23:28:08,309 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:28:08,309 INFO L218 hiAutomatonCegarLoop]: Abstraction has 171 states and 203 transitions. [2024-11-27 23:28:08,310 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 171 states and 203 transitions. [2024-11-27 23:28:08,314 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 171 to 100. [2024-11-27 23:28:08,314 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 100 states, 100 states have (on average 1.22) internal successors, (122), 99 states have internal predecessors, (122), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:08,315 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 100 states to 100 states and 122 transitions. [2024-11-27 23:28:08,315 INFO L240 hiAutomatonCegarLoop]: Abstraction has 100 states and 122 transitions. [2024-11-27 23:28:08,319 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2024-11-27 23:28:08,320 INFO L425 stractBuchiCegarLoop]: Abstraction has 100 states and 122 transitions. [2024-11-27 23:28:08,320 INFO L332 stractBuchiCegarLoop]: ======== Iteration 11 ============ [2024-11-27 23:28:08,320 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 100 states and 122 transitions. [2024-11-27 23:28:08,321 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 68 [2024-11-27 23:28:08,321 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:28:08,321 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:28:08,321 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [4, 4, 3, 3, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:08,321 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [5, 5, 4, 3, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:08,322 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:08,322 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:08,322 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:08,322 INFO L85 PathProgramCache]: Analyzing trace with hash -1195844343, now seen corresponding path program 4 times [2024-11-27 23:28:08,322 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:08,322 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1343477979] [2024-11-27 23:28:08,322 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:08,323 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:08,338 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:08,339 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:08,348 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:08,352 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:08,354 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:08,355 INFO L85 PathProgramCache]: Analyzing trace with hash -1325656600, now seen corresponding path program 5 times [2024-11-27 23:28:08,355 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:08,355 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [129349619] [2024-11-27 23:28:08,355 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:08,355 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:08,369 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:08,369 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:08,375 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:08,381 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:08,382 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:08,382 INFO L85 PathProgramCache]: Analyzing trace with hash 1657827808, now seen corresponding path program 5 times [2024-11-27 23:28:08,383 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:08,383 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1659420957] [2024-11-27 23:28:08,383 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:08,383 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:08,403 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:08,991 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:28:08,991 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1659420957] [2024-11-27 23:28:08,991 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1659420957] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:28:08,991 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [594006281] [2024-11-27 23:28:08,991 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:08,991 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:28:08,992 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:28:08,994 INFO L229 MonitoredProcess]: Starting monitored process 45 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:28:08,999 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (45)] Waiting until timeout for monitored process [2024-11-27 23:28:09,118 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:09,121 INFO L256 TraceCheckSpWp]: Trace formula consists of 285 conjuncts, 61 conjuncts are in the unsatisfiable core [2024-11-27 23:28:09,124 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:28:09,335 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:28:09,401 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:28:09,435 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:28:09,530 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [594006281] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:28:09,530 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:28:09,530 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 13, 13] total 23 [2024-11-27 23:28:09,531 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [762616254] [2024-11-27 23:28:09,531 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:28:10,346 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:28:10,346 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2024-11-27 23:28:10,347 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=61, Invalid=445, Unknown=0, NotChecked=0, Total=506 [2024-11-27 23:28:10,347 INFO L87 Difference]: Start difference. First operand 100 states and 122 transitions. cyclomatic complexity: 27 Second operand has 23 states, 23 states have (on average 3.0) internal successors, (69), 23 states have internal predecessors, (69), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:10,732 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:28:10,733 INFO L93 Difference]: Finished difference Result 86 states and 103 transitions. [2024-11-27 23:28:10,733 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 86 states and 103 transitions. [2024-11-27 23:28:10,733 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 33 [2024-11-27 23:28:10,734 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 86 states to 66 states and 80 transitions. [2024-11-27 23:28:10,734 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 43 [2024-11-27 23:28:10,734 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 43 [2024-11-27 23:28:10,734 INFO L73 IsDeterministic]: Start isDeterministic. Operand 66 states and 80 transitions. [2024-11-27 23:28:10,735 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:28:10,735 INFO L218 hiAutomatonCegarLoop]: Abstraction has 66 states and 80 transitions. [2024-11-27 23:28:10,735 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 66 states and 80 transitions. [2024-11-27 23:28:10,737 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 66 to 50. [2024-11-27 23:28:10,737 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 50 states, 50 states have (on average 1.24) internal successors, (62), 49 states have internal predecessors, (62), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:10,737 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 50 states to 50 states and 62 transitions. [2024-11-27 23:28:10,737 INFO L240 hiAutomatonCegarLoop]: Abstraction has 50 states and 62 transitions. [2024-11-27 23:28:10,737 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2024-11-27 23:28:10,738 INFO L425 stractBuchiCegarLoop]: Abstraction has 50 states and 62 transitions. [2024-11-27 23:28:10,738 INFO L332 stractBuchiCegarLoop]: ======== Iteration 12 ============ [2024-11-27 23:28:10,738 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 50 states and 62 transitions. [2024-11-27 23:28:10,742 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 25 [2024-11-27 23:28:10,742 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:28:10,742 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:28:10,743 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [5, 5, 4, 4, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:10,743 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [5, 5, 4, 4, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:10,743 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:10,743 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:10,743 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:10,743 INFO L85 PathProgramCache]: Analyzing trace with hash -2019525261, now seen corresponding path program 5 times [2024-11-27 23:28:10,744 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:10,744 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [805759616] [2024-11-27 23:28:10,744 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:10,744 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:10,759 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:10,760 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:10,766 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:10,770 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:10,770 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:10,770 INFO L85 PathProgramCache]: Analyzing trace with hash -2026721178, now seen corresponding path program 6 times [2024-11-27 23:28:10,770 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:10,771 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [420120122] [2024-11-27 23:28:10,771 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:10,771 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:10,780 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:10,780 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:10,786 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:10,789 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:10,789 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:10,789 INFO L85 PathProgramCache]: Analyzing trace with hash -1007691980, now seen corresponding path program 6 times [2024-11-27 23:28:10,789 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:10,790 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [401604513] [2024-11-27 23:28:10,790 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:10,790 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:10,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:11,823 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:28:11,823 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [401604513] [2024-11-27 23:28:11,823 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [401604513] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:28:11,823 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1719906915] [2024-11-27 23:28:11,824 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:11,824 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:28:11,824 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:28:11,828 INFO L229 MonitoredProcess]: Starting monitored process 46 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:28:11,831 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (46)] Waiting until timeout for monitored process [2024-11-27 23:28:11,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:11,981 INFO L256 TraceCheckSpWp]: Trace formula consists of 308 conjuncts, 77 conjuncts are in the unsatisfiable core [2024-11-27 23:28:11,989 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:28:12,305 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:28:12,716 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:28:12,716 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:28:12,755 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:28:13,006 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:28:13,007 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:28:13,749 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1719906915] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:28:13,750 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:28:13,750 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [21, 18, 18] total 49 [2024-11-27 23:28:13,750 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [367057196] [2024-11-27 23:28:13,750 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:28:14,683 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:28:14,684 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 49 interpolants. [2024-11-27 23:28:14,685 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=170, Invalid=2182, Unknown=0, NotChecked=0, Total=2352 [2024-11-27 23:28:14,685 INFO L87 Difference]: Start difference. First operand 50 states and 62 transitions. cyclomatic complexity: 15 Second operand has 49 states, 49 states have (on average 2.3877551020408165) internal successors, (117), 49 states have internal predecessors, (117), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:17,632 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:28:17,632 INFO L93 Difference]: Finished difference Result 214 states and 257 transitions. [2024-11-27 23:28:17,632 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 214 states and 257 transitions. [2024-11-27 23:28:17,634 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 152 [2024-11-27 23:28:17,637 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 214 states to 214 states and 257 transitions. [2024-11-27 23:28:17,637 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 170 [2024-11-27 23:28:17,637 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 170 [2024-11-27 23:28:17,638 INFO L73 IsDeterministic]: Start isDeterministic. Operand 214 states and 257 transitions. [2024-11-27 23:28:17,638 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:28:17,639 INFO L218 hiAutomatonCegarLoop]: Abstraction has 214 states and 257 transitions. [2024-11-27 23:28:17,639 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 214 states and 257 transitions. [2024-11-27 23:28:17,643 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 214 to 122. [2024-11-27 23:28:17,644 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 122 states, 122 states have (on average 1.2295081967213115) internal successors, (150), 121 states have internal predecessors, (150), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:17,645 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 122 states to 122 states and 150 transitions. [2024-11-27 23:28:17,645 INFO L240 hiAutomatonCegarLoop]: Abstraction has 122 states and 150 transitions. [2024-11-27 23:28:17,653 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 47 states. [2024-11-27 23:28:17,653 INFO L425 stractBuchiCegarLoop]: Abstraction has 122 states and 150 transitions. [2024-11-27 23:28:17,653 INFO L332 stractBuchiCegarLoop]: ======== Iteration 13 ============ [2024-11-27 23:28:17,653 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 122 states and 150 transitions. [2024-11-27 23:28:17,654 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 86 [2024-11-27 23:28:17,654 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:28:17,654 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:28:17,655 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [5, 5, 4, 4, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:17,655 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [6, 6, 5, 4, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:17,655 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:17,655 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:17,656 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:17,656 INFO L85 PathProgramCache]: Analyzing trace with hash -2019525261, now seen corresponding path program 6 times [2024-11-27 23:28:17,656 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:17,656 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1854632281] [2024-11-27 23:28:17,656 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:17,656 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:17,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:17,677 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:17,685 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:17,688 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:17,690 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:17,692 INFO L85 PathProgramCache]: Analyzing trace with hash 337074768, now seen corresponding path program 7 times [2024-11-27 23:28:17,693 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:17,693 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1525940716] [2024-11-27 23:28:17,693 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:17,693 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:17,707 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:17,709 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:17,720 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:17,723 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:17,728 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:17,728 INFO L85 PathProgramCache]: Analyzing trace with hash -852989410, now seen corresponding path program 7 times [2024-11-27 23:28:17,728 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:17,728 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2096774126] [2024-11-27 23:28:17,728 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:17,729 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:17,754 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:18,470 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:28:18,470 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2096774126] [2024-11-27 23:28:18,470 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2096774126] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:28:18,471 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [831824807] [2024-11-27 23:28:18,471 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:18,471 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:28:18,471 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:28:18,475 INFO L229 MonitoredProcess]: Starting monitored process 47 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:28:18,477 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (47)] Waiting until timeout for monitored process [2024-11-27 23:28:18,606 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:18,608 INFO L256 TraceCheckSpWp]: Trace formula consists of 326 conjuncts, 69 conjuncts are in the unsatisfiable core [2024-11-27 23:28:18,612 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:28:18,893 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:28:18,983 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:28:19,025 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:28:19,143 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [831824807] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:28:19,143 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:28:19,143 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [17, 15, 15] total 26 [2024-11-27 23:28:19,144 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [879372739] [2024-11-27 23:28:19,144 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:28:20,185 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:28:20,185 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2024-11-27 23:28:20,186 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=69, Invalid=581, Unknown=0, NotChecked=0, Total=650 [2024-11-27 23:28:20,186 INFO L87 Difference]: Start difference. First operand 122 states and 150 transitions. cyclomatic complexity: 33 Second operand has 26 states, 26 states have (on average 3.1153846153846154) internal successors, (81), 26 states have internal predecessors, (81), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:20,742 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:28:20,742 INFO L93 Difference]: Finished difference Result 98 states and 118 transitions. [2024-11-27 23:28:20,742 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 98 states and 118 transitions. [2024-11-27 23:28:20,743 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 37 [2024-11-27 23:28:20,743 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 98 states to 74 states and 90 transitions. [2024-11-27 23:28:20,743 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 47 [2024-11-27 23:28:20,744 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 47 [2024-11-27 23:28:20,744 INFO L73 IsDeterministic]: Start isDeterministic. Operand 74 states and 90 transitions. [2024-11-27 23:28:20,744 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:28:20,744 INFO L218 hiAutomatonCegarLoop]: Abstraction has 74 states and 90 transitions. [2024-11-27 23:28:20,744 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 74 states and 90 transitions. [2024-11-27 23:28:20,746 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 74 to 58. [2024-11-27 23:28:20,746 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 58 states, 58 states have (on average 1.2413793103448276) internal successors, (72), 57 states have internal predecessors, (72), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:20,746 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 72 transitions. [2024-11-27 23:28:20,746 INFO L240 hiAutomatonCegarLoop]: Abstraction has 58 states and 72 transitions. [2024-11-27 23:28:20,746 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-11-27 23:28:20,747 INFO L425 stractBuchiCegarLoop]: Abstraction has 58 states and 72 transitions. [2024-11-27 23:28:20,747 INFO L332 stractBuchiCegarLoop]: ======== Iteration 14 ============ [2024-11-27 23:28:20,747 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 58 states and 72 transitions. [2024-11-27 23:28:20,752 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 29 [2024-11-27 23:28:20,752 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:28:20,752 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:28:20,753 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [6, 6, 5, 5, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:20,753 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [6, 6, 5, 5, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:20,753 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:20,756 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:20,757 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:20,757 INFO L85 PathProgramCache]: Analyzing trace with hash 1603131613, now seen corresponding path program 7 times [2024-11-27 23:28:20,757 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:20,757 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [544685426] [2024-11-27 23:28:20,757 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:20,758 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:20,776 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:20,777 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:20,789 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:20,795 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:20,795 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:20,796 INFO L85 PathProgramCache]: Analyzing trace with hash -363989810, now seen corresponding path program 8 times [2024-11-27 23:28:20,796 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:20,796 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2126496445] [2024-11-27 23:28:20,796 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:20,796 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:20,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:20,809 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:20,817 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:20,820 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:20,822 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:20,822 INFO L85 PathProgramCache]: Analyzing trace with hash -1223517838, now seen corresponding path program 8 times [2024-11-27 23:28:20,822 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:20,822 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [41675320] [2024-11-27 23:28:20,822 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:20,822 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:20,847 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:21,893 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:28:21,894 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [41675320] [2024-11-27 23:28:21,894 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [41675320] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:28:21,894 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1094653889] [2024-11-27 23:28:21,894 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:21,894 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:28:21,894 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:28:21,897 INFO L229 MonitoredProcess]: Starting monitored process 48 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:28:21,901 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (48)] Waiting until timeout for monitored process [2024-11-27 23:28:22,076 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:22,080 INFO L256 TraceCheckSpWp]: Trace formula consists of 349 conjuncts, 91 conjuncts are in the unsatisfiable core [2024-11-27 23:28:22,083 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:28:22,476 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:28:22,915 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:28:23,815 INFO L349 Elim1Store]: treesize reduction 8, result has 68.0 percent of original size [2024-11-27 23:28:23,815 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 145 treesize of output 133 [2024-11-27 23:28:24,630 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1094653889] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:28:24,631 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:28:24,631 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [22, 20, 22] total 61 [2024-11-27 23:28:24,631 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1814687430] [2024-11-27 23:28:24,631 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:28:25,671 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:28:25,671 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 61 interpolants. [2024-11-27 23:28:25,672 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=218, Invalid=3442, Unknown=0, NotChecked=0, Total=3660 [2024-11-27 23:28:25,672 INFO L87 Difference]: Start difference. First operand 58 states and 72 transitions. cyclomatic complexity: 17 Second operand has 61 states, 61 states have (on average 2.5737704918032787) internal successors, (157), 61 states have internal predecessors, (157), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:30,738 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:28:30,738 INFO L93 Difference]: Finished difference Result 257 states and 311 transitions. [2024-11-27 23:28:30,738 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 257 states and 311 transitions. [2024-11-27 23:28:30,741 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 187 [2024-11-27 23:28:30,743 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 257 states to 257 states and 311 transitions. [2024-11-27 23:28:30,743 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 205 [2024-11-27 23:28:30,744 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 205 [2024-11-27 23:28:30,744 INFO L73 IsDeterministic]: Start isDeterministic. Operand 257 states and 311 transitions. [2024-11-27 23:28:30,745 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:28:30,745 INFO L218 hiAutomatonCegarLoop]: Abstraction has 257 states and 311 transitions. [2024-11-27 23:28:30,745 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 257 states and 311 transitions. [2024-11-27 23:28:30,750 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 257 to 144. [2024-11-27 23:28:30,750 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 144 states, 144 states have (on average 1.2361111111111112) internal successors, (178), 143 states have internal predecessors, (178), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:30,751 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 144 states to 144 states and 178 transitions. [2024-11-27 23:28:30,752 INFO L240 hiAutomatonCegarLoop]: Abstraction has 144 states and 178 transitions. [2024-11-27 23:28:30,752 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 53 states. [2024-11-27 23:28:30,753 INFO L425 stractBuchiCegarLoop]: Abstraction has 144 states and 178 transitions. [2024-11-27 23:28:30,753 INFO L332 stractBuchiCegarLoop]: ======== Iteration 15 ============ [2024-11-27 23:28:30,753 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 144 states and 178 transitions. [2024-11-27 23:28:30,754 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 104 [2024-11-27 23:28:30,754 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:28:30,754 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:28:30,755 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [6, 6, 5, 5, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:30,755 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [7, 7, 6, 5, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:30,756 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:30,756 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:30,756 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:30,756 INFO L85 PathProgramCache]: Analyzing trace with hash 1603131613, now seen corresponding path program 8 times [2024-11-27 23:28:30,756 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:30,756 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1427209629] [2024-11-27 23:28:30,757 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:30,757 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:30,775 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:30,775 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:30,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:30,795 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:30,795 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:30,795 INFO L85 PathProgramCache]: Analyzing trace with hash 900344504, now seen corresponding path program 9 times [2024-11-27 23:28:30,795 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:30,795 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1605129155] [2024-11-27 23:28:30,796 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:30,796 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:30,810 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:30,811 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:30,819 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:30,824 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:30,825 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:30,825 INFO L85 PathProgramCache]: Analyzing trace with hash 277077340, now seen corresponding path program 9 times [2024-11-27 23:28:30,825 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:30,825 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [578010812] [2024-11-27 23:28:30,825 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:30,826 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:30,858 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:31,696 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:28:31,696 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [578010812] [2024-11-27 23:28:31,696 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [578010812] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:28:31,697 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [110222623] [2024-11-27 23:28:31,697 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:31,697 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:28:31,697 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:28:31,701 INFO L229 MonitoredProcess]: Starting monitored process 49 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:28:31,705 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (49)] Waiting until timeout for monitored process [2024-11-27 23:28:31,875 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:31,878 INFO L256 TraceCheckSpWp]: Trace formula consists of 367 conjuncts, 77 conjuncts are in the unsatisfiable core [2024-11-27 23:28:31,882 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:28:32,260 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:28:32,405 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:28:32,469 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:28:32,597 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [110222623] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:28:32,597 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:28:32,597 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 17, 17] total 29 [2024-11-27 23:28:32,597 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1726562908] [2024-11-27 23:28:32,598 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:28:33,969 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:28:33,969 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 29 interpolants. [2024-11-27 23:28:33,969 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=77, Invalid=735, Unknown=0, NotChecked=0, Total=812 [2024-11-27 23:28:33,969 INFO L87 Difference]: Start difference. First operand 144 states and 178 transitions. cyclomatic complexity: 39 Second operand has 29 states, 29 states have (on average 3.206896551724138) internal successors, (93), 29 states have internal predecessors, (93), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:34,637 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:28:34,637 INFO L93 Difference]: Finished difference Result 110 states and 133 transitions. [2024-11-27 23:28:34,637 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 110 states and 133 transitions. [2024-11-27 23:28:34,638 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 41 [2024-11-27 23:28:34,638 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 110 states to 82 states and 100 transitions. [2024-11-27 23:28:34,639 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 51 [2024-11-27 23:28:34,639 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 51 [2024-11-27 23:28:34,639 INFO L73 IsDeterministic]: Start isDeterministic. Operand 82 states and 100 transitions. [2024-11-27 23:28:34,639 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:28:34,639 INFO L218 hiAutomatonCegarLoop]: Abstraction has 82 states and 100 transitions. [2024-11-27 23:28:34,640 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states and 100 transitions. [2024-11-27 23:28:34,641 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 66. [2024-11-27 23:28:34,642 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 66 states have (on average 1.2424242424242424) internal successors, (82), 65 states have internal predecessors, (82), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:34,642 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 82 transitions. [2024-11-27 23:28:34,642 INFO L240 hiAutomatonCegarLoop]: Abstraction has 66 states and 82 transitions. [2024-11-27 23:28:34,642 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2024-11-27 23:28:34,643 INFO L425 stractBuchiCegarLoop]: Abstraction has 66 states and 82 transitions. [2024-11-27 23:28:34,643 INFO L332 stractBuchiCegarLoop]: ======== Iteration 16 ============ [2024-11-27 23:28:34,643 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 66 states and 82 transitions. [2024-11-27 23:28:34,644 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 33 [2024-11-27 23:28:34,644 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:28:34,644 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:28:34,645 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [7, 7, 6, 6, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:34,645 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [7, 7, 6, 6, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:34,645 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:34,645 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:34,646 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:34,646 INFO L85 PathProgramCache]: Analyzing trace with hash -2127859897, now seen corresponding path program 9 times [2024-11-27 23:28:34,646 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:34,646 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1847067323] [2024-11-27 23:28:34,646 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:34,646 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:34,663 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:34,664 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:34,673 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:34,680 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:34,681 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:34,681 INFO L85 PathProgramCache]: Analyzing trace with hash 199279926, now seen corresponding path program 10 times [2024-11-27 23:28:34,681 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:34,681 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1749957272] [2024-11-27 23:28:34,681 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:34,681 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:34,698 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:34,700 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:34,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:34,714 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:34,716 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:34,716 INFO L85 PathProgramCache]: Analyzing trace with hash 416208560, now seen corresponding path program 10 times [2024-11-27 23:28:34,716 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:34,716 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1790615949] [2024-11-27 23:28:34,717 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:34,717 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:34,745 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:35,727 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:28:35,727 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1790615949] [2024-11-27 23:28:35,727 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1790615949] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:28:35,727 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2019313598] [2024-11-27 23:28:35,727 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:35,727 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:28:35,727 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:28:35,729 INFO L229 MonitoredProcess]: Starting monitored process 50 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:28:35,731 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (50)] Waiting until timeout for monitored process [2024-11-27 23:28:35,890 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:35,893 INFO L256 TraceCheckSpWp]: Trace formula consists of 390 conjuncts, 93 conjuncts are in the unsatisfiable core [2024-11-27 23:28:35,898 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:28:36,295 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:28:36,788 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:28:36,789 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:28:36,823 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:28:37,098 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:28:37,098 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:28:37,913 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2019313598] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:28:37,913 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:28:37,913 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [24, 22, 22] total 58 [2024-11-27 23:28:37,913 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2091079821] [2024-11-27 23:28:37,913 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:28:39,064 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:28:39,065 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 58 interpolants. [2024-11-27 23:28:39,066 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=196, Invalid=3110, Unknown=0, NotChecked=0, Total=3306 [2024-11-27 23:28:39,066 INFO L87 Difference]: Start difference. First operand 66 states and 82 transitions. cyclomatic complexity: 19 Second operand has 58 states, 58 states have (on average 2.706896551724138) internal successors, (157), 58 states have internal predecessors, (157), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:43,761 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:28:43,762 INFO L93 Difference]: Finished difference Result 300 states and 365 transitions. [2024-11-27 23:28:43,762 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 300 states and 365 transitions. [2024-11-27 23:28:43,764 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 222 [2024-11-27 23:28:43,766 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 300 states to 300 states and 365 transitions. [2024-11-27 23:28:43,766 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 240 [2024-11-27 23:28:43,766 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 240 [2024-11-27 23:28:43,766 INFO L73 IsDeterministic]: Start isDeterministic. Operand 300 states and 365 transitions. [2024-11-27 23:28:43,767 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:28:43,767 INFO L218 hiAutomatonCegarLoop]: Abstraction has 300 states and 365 transitions. [2024-11-27 23:28:43,768 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 300 states and 365 transitions. [2024-11-27 23:28:43,790 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 300 to 166. [2024-11-27 23:28:43,790 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 166 states, 166 states have (on average 1.2409638554216869) internal successors, (206), 165 states have internal predecessors, (206), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:43,791 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 166 states to 166 states and 206 transitions. [2024-11-27 23:28:43,791 INFO L240 hiAutomatonCegarLoop]: Abstraction has 166 states and 206 transitions. [2024-11-27 23:28:43,792 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 60 states. [2024-11-27 23:28:43,792 INFO L425 stractBuchiCegarLoop]: Abstraction has 166 states and 206 transitions. [2024-11-27 23:28:43,793 INFO L332 stractBuchiCegarLoop]: ======== Iteration 17 ============ [2024-11-27 23:28:43,793 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 166 states and 206 transitions. [2024-11-27 23:28:43,794 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 122 [2024-11-27 23:28:43,794 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:28:43,794 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:28:43,795 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [7, 7, 6, 6, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:43,795 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [8, 8, 7, 6, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:43,796 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:43,796 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:43,796 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:43,797 INFO L85 PathProgramCache]: Analyzing trace with hash -2127859897, now seen corresponding path program 10 times [2024-11-27 23:28:43,797 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:43,797 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1725468944] [2024-11-27 23:28:43,797 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:43,797 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:43,814 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:43,815 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:43,823 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:43,828 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:43,828 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:43,828 INFO L85 PathProgramCache]: Analyzing trace with hash -1223784672, now seen corresponding path program 11 times [2024-11-27 23:28:43,828 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:43,828 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [833024289] [2024-11-27 23:28:43,829 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:43,829 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:43,841 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:43,842 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:43,850 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:43,854 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:43,855 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:43,855 INFO L85 PathProgramCache]: Analyzing trace with hash -1824306278, now seen corresponding path program 11 times [2024-11-27 23:28:43,855 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:43,855 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1968569165] [2024-11-27 23:28:43,855 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:43,855 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:43,882 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:44,817 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:28:44,817 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1968569165] [2024-11-27 23:28:44,817 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1968569165] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:28:44,817 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1126692424] [2024-11-27 23:28:44,817 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:44,818 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:28:44,818 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:28:44,820 INFO L229 MonitoredProcess]: Starting monitored process 51 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:28:44,825 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (51)] Waiting until timeout for monitored process [2024-11-27 23:28:44,991 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:44,994 INFO L256 TraceCheckSpWp]: Trace formula consists of 408 conjuncts, 85 conjuncts are in the unsatisfiable core [2024-11-27 23:28:44,996 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:28:45,355 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:28:45,465 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:28:45,528 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:28:45,658 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1126692424] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:28:45,658 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:28:45,658 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [21, 19, 19] total 32 [2024-11-27 23:28:45,658 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1183862545] [2024-11-27 23:28:45,658 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:28:47,013 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:28:47,013 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 32 interpolants. [2024-11-27 23:28:47,013 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=85, Invalid=907, Unknown=0, NotChecked=0, Total=992 [2024-11-27 23:28:47,014 INFO L87 Difference]: Start difference. First operand 166 states and 206 transitions. cyclomatic complexity: 45 Second operand has 32 states, 32 states have (on average 3.28125) internal successors, (105), 32 states have internal predecessors, (105), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:47,888 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:28:47,888 INFO L93 Difference]: Finished difference Result 122 states and 148 transitions. [2024-11-27 23:28:47,888 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 122 states and 148 transitions. [2024-11-27 23:28:47,889 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 45 [2024-11-27 23:28:47,889 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 122 states to 90 states and 110 transitions. [2024-11-27 23:28:47,890 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 55 [2024-11-27 23:28:47,890 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 55 [2024-11-27 23:28:47,890 INFO L73 IsDeterministic]: Start isDeterministic. Operand 90 states and 110 transitions. [2024-11-27 23:28:47,890 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:28:47,890 INFO L218 hiAutomatonCegarLoop]: Abstraction has 90 states and 110 transitions. [2024-11-27 23:28:47,890 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 90 states and 110 transitions. [2024-11-27 23:28:47,892 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 90 to 74. [2024-11-27 23:28:47,892 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 74 states, 74 states have (on average 1.2432432432432432) internal successors, (92), 73 states have internal predecessors, (92), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:28:47,893 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 74 states to 74 states and 92 transitions. [2024-11-27 23:28:47,893 INFO L240 hiAutomatonCegarLoop]: Abstraction has 74 states and 92 transitions. [2024-11-27 23:28:47,893 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2024-11-27 23:28:47,893 INFO L425 stractBuchiCegarLoop]: Abstraction has 74 states and 92 transitions. [2024-11-27 23:28:47,893 INFO L332 stractBuchiCegarLoop]: ======== Iteration 18 ============ [2024-11-27 23:28:47,893 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 74 states and 92 transitions. [2024-11-27 23:28:47,894 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 37 [2024-11-27 23:28:47,894 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:28:47,894 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:28:47,895 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [8, 8, 7, 7, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:47,895 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [8, 8, 7, 7, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:28:47,895 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:47,895 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:28:47,896 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:47,896 INFO L85 PathProgramCache]: Analyzing trace with hash -740048719, now seen corresponding path program 11 times [2024-11-27 23:28:47,896 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:47,896 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [989422653] [2024-11-27 23:28:47,896 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:47,896 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:47,911 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:47,911 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:47,920 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:47,925 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:47,925 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:47,925 INFO L85 PathProgramCache]: Analyzing trace with hash -1924849250, now seen corresponding path program 12 times [2024-11-27 23:28:47,925 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:47,925 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1857775167] [2024-11-27 23:28:47,925 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:47,925 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:47,942 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:47,942 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:28:47,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:28:47,956 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:28:47,957 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:28:47,957 INFO L85 PathProgramCache]: Analyzing trace with hash 1501892334, now seen corresponding path program 12 times [2024-11-27 23:28:47,958 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:28:47,958 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1530791389] [2024-11-27 23:28:47,958 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:47,958 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:28:47,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:49,217 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:28:49,217 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1530791389] [2024-11-27 23:28:49,218 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1530791389] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:28:49,218 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2069078684] [2024-11-27 23:28:49,218 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:28:49,218 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:28:49,218 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:28:49,221 INFO L229 MonitoredProcess]: Starting monitored process 52 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:28:49,222 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (52)] Waiting until timeout for monitored process [2024-11-27 23:28:49,408 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:28:49,411 INFO L256 TraceCheckSpWp]: Trace formula consists of 431 conjuncts, 107 conjuncts are in the unsatisfiable core [2024-11-27 23:28:49,415 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:28:49,884 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:28:50,534 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:28:51,556 INFO L349 Elim1Store]: treesize reduction 8, result has 68.0 percent of original size [2024-11-27 23:28:51,556 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 141 treesize of output 129 [2024-11-27 23:28:52,578 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2069078684] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:28:52,578 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:28:52,578 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [26, 24, 26] total 73 [2024-11-27 23:28:52,578 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [635339794] [2024-11-27 23:28:52,578 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:28:54,018 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:28:54,018 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 73 interpolants. [2024-11-27 23:28:54,020 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=258, Invalid=4998, Unknown=0, NotChecked=0, Total=5256 [2024-11-27 23:28:54,020 INFO L87 Difference]: Start difference. First operand 74 states and 92 transitions. cyclomatic complexity: 21 Second operand has 73 states, 73 states have (on average 2.808219178082192) internal successors, (205), 73 states have internal predecessors, (205), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:01,303 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:29:01,303 INFO L93 Difference]: Finished difference Result 343 states and 419 transitions. [2024-11-27 23:29:01,303 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 343 states and 419 transitions. [2024-11-27 23:29:01,306 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 257 [2024-11-27 23:29:01,308 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 343 states to 343 states and 419 transitions. [2024-11-27 23:29:01,308 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 275 [2024-11-27 23:29:01,309 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 275 [2024-11-27 23:29:01,309 INFO L73 IsDeterministic]: Start isDeterministic. Operand 343 states and 419 transitions. [2024-11-27 23:29:01,309 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:29:01,309 INFO L218 hiAutomatonCegarLoop]: Abstraction has 343 states and 419 transitions. [2024-11-27 23:29:01,310 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 343 states and 419 transitions. [2024-11-27 23:29:01,314 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 343 to 188. [2024-11-27 23:29:01,314 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 188 states, 188 states have (on average 1.2446808510638299) internal successors, (234), 187 states have internal predecessors, (234), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:01,315 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 188 states to 188 states and 234 transitions. [2024-11-27 23:29:01,315 INFO L240 hiAutomatonCegarLoop]: Abstraction has 188 states and 234 transitions. [2024-11-27 23:29:01,317 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 67 states. [2024-11-27 23:29:01,317 INFO L425 stractBuchiCegarLoop]: Abstraction has 188 states and 234 transitions. [2024-11-27 23:29:01,317 INFO L332 stractBuchiCegarLoop]: ======== Iteration 19 ============ [2024-11-27 23:29:01,318 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 188 states and 234 transitions. [2024-11-27 23:29:01,319 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 140 [2024-11-27 23:29:01,319 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:29:01,319 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:29:01,320 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [8, 8, 7, 7, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:01,320 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [9, 9, 8, 7, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:01,320 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:01,321 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:01,321 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:01,321 INFO L85 PathProgramCache]: Analyzing trace with hash -740048719, now seen corresponding path program 12 times [2024-11-27 23:29:01,321 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:01,321 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1132434807] [2024-11-27 23:29:01,321 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:01,321 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:01,335 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:01,335 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:01,344 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:01,349 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:01,349 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:01,350 INFO L85 PathProgramCache]: Analyzing trace with hash -56725624, now seen corresponding path program 13 times [2024-11-27 23:29:01,350 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:01,350 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [897472139] [2024-11-27 23:29:01,350 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:01,350 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:01,373 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:01,373 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:01,382 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:01,387 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:01,387 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:01,387 INFO L85 PathProgramCache]: Analyzing trace with hash -1584974632, now seen corresponding path program 13 times [2024-11-27 23:29:01,388 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:01,388 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1538936802] [2024-11-27 23:29:01,388 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:01,388 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:01,418 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:02,442 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:29:02,443 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1538936802] [2024-11-27 23:29:02,443 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1538936802] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:29:02,443 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [896107864] [2024-11-27 23:29:02,443 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:02,443 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:29:02,443 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:29:02,448 INFO L229 MonitoredProcess]: Starting monitored process 53 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:29:02,451 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (53)] Waiting until timeout for monitored process [2024-11-27 23:29:02,647 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:02,651 INFO L256 TraceCheckSpWp]: Trace formula consists of 449 conjuncts, 93 conjuncts are in the unsatisfiable core [2024-11-27 23:29:02,655 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:29:03,070 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:29:03,181 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:29:03,242 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:29:03,406 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [896107864] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:29:03,406 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:29:03,406 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [23, 21, 21] total 35 [2024-11-27 23:29:03,406 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [403561424] [2024-11-27 23:29:03,407 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:29:04,822 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:29:04,822 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 35 interpolants. [2024-11-27 23:29:04,823 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=93, Invalid=1097, Unknown=0, NotChecked=0, Total=1190 [2024-11-27 23:29:04,823 INFO L87 Difference]: Start difference. First operand 188 states and 234 transitions. cyclomatic complexity: 51 Second operand has 35 states, 35 states have (on average 3.342857142857143) internal successors, (117), 35 states have internal predecessors, (117), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:05,835 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:29:05,836 INFO L93 Difference]: Finished difference Result 134 states and 163 transitions. [2024-11-27 23:29:05,836 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 134 states and 163 transitions. [2024-11-27 23:29:05,837 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 49 [2024-11-27 23:29:05,837 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 134 states to 98 states and 120 transitions. [2024-11-27 23:29:05,838 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 59 [2024-11-27 23:29:05,838 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 59 [2024-11-27 23:29:05,838 INFO L73 IsDeterministic]: Start isDeterministic. Operand 98 states and 120 transitions. [2024-11-27 23:29:05,838 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:29:05,838 INFO L218 hiAutomatonCegarLoop]: Abstraction has 98 states and 120 transitions. [2024-11-27 23:29:05,838 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states and 120 transitions. [2024-11-27 23:29:05,840 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 82. [2024-11-27 23:29:05,840 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 82 states have (on average 1.2439024390243902) internal successors, (102), 81 states have internal predecessors, (102), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:05,841 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 102 transitions. [2024-11-27 23:29:05,841 INFO L240 hiAutomatonCegarLoop]: Abstraction has 82 states and 102 transitions. [2024-11-27 23:29:05,841 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2024-11-27 23:29:05,842 INFO L425 stractBuchiCegarLoop]: Abstraction has 82 states and 102 transitions. [2024-11-27 23:29:05,842 INFO L332 stractBuchiCegarLoop]: ======== Iteration 20 ============ [2024-11-27 23:29:05,842 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 82 states and 102 transitions. [2024-11-27 23:29:05,843 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 41 [2024-11-27 23:29:05,843 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:29:05,843 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:29:05,844 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [9, 9, 8, 8, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:05,844 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [9, 9, 8, 8, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:05,844 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:05,844 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:05,845 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:05,845 INFO L85 PathProgramCache]: Analyzing trace with hash -2048832229, now seen corresponding path program 13 times [2024-11-27 23:29:05,845 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:05,845 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1631047372] [2024-11-27 23:29:05,845 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:05,845 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:05,864 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:05,865 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:05,883 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:05,887 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:05,888 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:05,888 INFO L85 PathProgramCache]: Analyzing trace with hash -757790202, now seen corresponding path program 14 times [2024-11-27 23:29:05,888 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:05,888 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1199623721] [2024-11-27 23:29:05,889 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:05,889 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:05,904 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:05,904 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:05,913 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:05,917 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:05,917 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:05,918 INFO L85 PathProgramCache]: Analyzing trace with hash -816463316, now seen corresponding path program 14 times [2024-11-27 23:29:05,918 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:05,918 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1857795844] [2024-11-27 23:29:05,918 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:05,918 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:05,949 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:07,307 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:29:07,308 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1857795844] [2024-11-27 23:29:07,308 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1857795844] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:29:07,308 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [244062749] [2024-11-27 23:29:07,308 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:07,308 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:29:07,308 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:29:07,310 INFO L229 MonitoredProcess]: Starting monitored process 54 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:29:07,312 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (54)] Waiting until timeout for monitored process [2024-11-27 23:29:07,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:07,488 INFO L256 TraceCheckSpWp]: Trace formula consists of 472 conjuncts, 109 conjuncts are in the unsatisfiable core [2024-11-27 23:29:07,492 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:29:07,711 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:29:08,301 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:29:08,301 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:29:08,342 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:29:08,619 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:29:08,619 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:29:09,659 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [244062749] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:29:09,659 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:29:09,660 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [29, 26, 26] total 54 [2024-11-27 23:29:09,660 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1930728935] [2024-11-27 23:29:09,660 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:29:11,219 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:29:11,219 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 54 interpolants. [2024-11-27 23:29:11,220 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=148, Invalid=2714, Unknown=0, NotChecked=0, Total=2862 [2024-11-27 23:29:11,220 INFO L87 Difference]: Start difference. First operand 82 states and 102 transitions. cyclomatic complexity: 23 Second operand has 54 states, 54 states have (on average 2.925925925925926) internal successors, (158), 54 states have internal predecessors, (158), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:18,021 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:29:18,022 INFO L93 Difference]: Finished difference Result 386 states and 473 transitions. [2024-11-27 23:29:18,022 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 386 states and 473 transitions. [2024-11-27 23:29:18,024 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 292 [2024-11-27 23:29:18,026 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 386 states to 386 states and 473 transitions. [2024-11-27 23:29:18,026 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 310 [2024-11-27 23:29:18,027 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 310 [2024-11-27 23:29:18,027 INFO L73 IsDeterministic]: Start isDeterministic. Operand 386 states and 473 transitions. [2024-11-27 23:29:18,027 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:29:18,028 INFO L218 hiAutomatonCegarLoop]: Abstraction has 386 states and 473 transitions. [2024-11-27 23:29:18,028 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 386 states and 473 transitions. [2024-11-27 23:29:18,032 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 386 to 210. [2024-11-27 23:29:18,032 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 210 states, 210 states have (on average 1.2476190476190476) internal successors, (262), 209 states have internal predecessors, (262), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:18,033 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 262 transitions. [2024-11-27 23:29:18,033 INFO L240 hiAutomatonCegarLoop]: Abstraction has 210 states and 262 transitions. [2024-11-27 23:29:18,036 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 74 states. [2024-11-27 23:29:18,036 INFO L425 stractBuchiCegarLoop]: Abstraction has 210 states and 262 transitions. [2024-11-27 23:29:18,036 INFO L332 stractBuchiCegarLoop]: ======== Iteration 21 ============ [2024-11-27 23:29:18,036 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 210 states and 262 transitions. [2024-11-27 23:29:18,037 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 158 [2024-11-27 23:29:18,038 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:29:18,038 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:29:18,039 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [9, 9, 8, 8, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:18,039 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [10, 10, 9, 8, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:18,039 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:18,040 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:18,040 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:18,040 INFO L85 PathProgramCache]: Analyzing trace with hash -2048832229, now seen corresponding path program 14 times [2024-11-27 23:29:18,040 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:18,040 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [497427818] [2024-11-27 23:29:18,041 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:18,041 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:18,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:18,053 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:18,063 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:18,067 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:18,068 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:18,068 INFO L85 PathProgramCache]: Analyzing trace with hash -1380719632, now seen corresponding path program 15 times [2024-11-27 23:29:18,068 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:18,068 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1645945362] [2024-11-27 23:29:18,068 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:18,068 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:18,084 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:18,086 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:18,095 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:18,100 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:18,101 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:18,101 INFO L85 PathProgramCache]: Analyzing trace with hash -1926227690, now seen corresponding path program 15 times [2024-11-27 23:29:18,101 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:18,101 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [425117370] [2024-11-27 23:29:18,101 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:18,101 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:18,130 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:19,093 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:29:19,093 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [425117370] [2024-11-27 23:29:19,093 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [425117370] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:29:19,094 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [269508899] [2024-11-27 23:29:19,094 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:19,094 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:29:19,094 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:29:19,097 INFO L229 MonitoredProcess]: Starting monitored process 55 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:29:19,102 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (55)] Waiting until timeout for monitored process [2024-11-27 23:29:19,288 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:19,291 INFO L256 TraceCheckSpWp]: Trace formula consists of 490 conjuncts, 101 conjuncts are in the unsatisfiable core [2024-11-27 23:29:19,295 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:29:19,755 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:29:19,894 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:29:19,972 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:29:20,149 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [269508899] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:29:20,149 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:29:20,149 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [25, 23, 23] total 38 [2024-11-27 23:29:20,149 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1260770668] [2024-11-27 23:29:20,149 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:29:21,930 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:29:21,931 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 38 interpolants. [2024-11-27 23:29:21,931 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=101, Invalid=1305, Unknown=0, NotChecked=0, Total=1406 [2024-11-27 23:29:21,931 INFO L87 Difference]: Start difference. First operand 210 states and 262 transitions. cyclomatic complexity: 57 Second operand has 38 states, 38 states have (on average 3.3947368421052633) internal successors, (129), 38 states have internal predecessors, (129), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:23,309 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:29:23,310 INFO L93 Difference]: Finished difference Result 146 states and 178 transitions. [2024-11-27 23:29:23,310 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 146 states and 178 transitions. [2024-11-27 23:29:23,311 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 53 [2024-11-27 23:29:23,311 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 146 states to 106 states and 130 transitions. [2024-11-27 23:29:23,311 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 63 [2024-11-27 23:29:23,312 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 63 [2024-11-27 23:29:23,312 INFO L73 IsDeterministic]: Start isDeterministic. Operand 106 states and 130 transitions. [2024-11-27 23:29:23,312 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:29:23,312 INFO L218 hiAutomatonCegarLoop]: Abstraction has 106 states and 130 transitions. [2024-11-27 23:29:23,312 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 106 states and 130 transitions. [2024-11-27 23:29:23,313 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 106 to 90. [2024-11-27 23:29:23,314 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 90 states, 90 states have (on average 1.2444444444444445) internal successors, (112), 89 states have internal predecessors, (112), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:23,314 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 112 transitions. [2024-11-27 23:29:23,314 INFO L240 hiAutomatonCegarLoop]: Abstraction has 90 states and 112 transitions. [2024-11-27 23:29:23,315 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2024-11-27 23:29:23,315 INFO L425 stractBuchiCegarLoop]: Abstraction has 90 states and 112 transitions. [2024-11-27 23:29:23,315 INFO L332 stractBuchiCegarLoop]: ======== Iteration 22 ============ [2024-11-27 23:29:23,315 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 90 states and 112 transitions. [2024-11-27 23:29:23,316 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 45 [2024-11-27 23:29:23,316 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:29:23,316 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:29:23,316 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [10, 10, 9, 9, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:23,317 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [10, 10, 9, 9, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:23,317 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:23,317 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:23,317 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:23,317 INFO L85 PathProgramCache]: Analyzing trace with hash -1408330619, now seen corresponding path program 15 times [2024-11-27 23:29:23,318 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:23,318 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1479523410] [2024-11-27 23:29:23,318 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:23,318 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:23,332 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:23,332 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:23,340 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:23,344 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:23,344 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:23,345 INFO L85 PathProgramCache]: Analyzing trace with hash -2081784210, now seen corresponding path program 16 times [2024-11-27 23:29:23,345 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:23,345 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1733151713] [2024-11-27 23:29:23,345 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:23,345 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:23,378 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:23,378 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:23,385 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:23,389 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:23,390 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:23,390 INFO L85 PathProgramCache]: Analyzing trace with hash -702451606, now seen corresponding path program 16 times [2024-11-27 23:29:23,390 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:23,390 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [659430907] [2024-11-27 23:29:23,390 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:23,390 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:23,415 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:24,740 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:29:24,740 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [659430907] [2024-11-27 23:29:24,740 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [659430907] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:29:24,740 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1278607794] [2024-11-27 23:29:24,740 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:24,740 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:29:24,740 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:29:24,746 INFO L229 MonitoredProcess]: Starting monitored process 56 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:29:24,747 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (56)] Waiting until timeout for monitored process [2024-11-27 23:29:24,934 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:24,937 INFO L256 TraceCheckSpWp]: Trace formula consists of 513 conjuncts, 117 conjuncts are in the unsatisfiable core [2024-11-27 23:29:24,941 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:29:25,591 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:29:26,283 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:29:26,283 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:29:26,320 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:29:26,628 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:29:26,629 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:29:27,733 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1278607794] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:29:27,733 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:29:27,734 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [30, 28, 28] total 73 [2024-11-27 23:29:27,734 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1334150875] [2024-11-27 23:29:27,734 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:29:29,449 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:29:29,449 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 73 interpolants. [2024-11-27 23:29:29,450 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=241, Invalid=5015, Unknown=0, NotChecked=0, Total=5256 [2024-11-27 23:29:29,450 INFO L87 Difference]: Start difference. First operand 90 states and 112 transitions. cyclomatic complexity: 25 Second operand has 73 states, 73 states have (on average 2.9726027397260273) internal successors, (217), 73 states have internal predecessors, (217), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:36,827 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:29:36,827 INFO L93 Difference]: Finished difference Result 429 states and 527 transitions. [2024-11-27 23:29:36,827 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 429 states and 527 transitions. [2024-11-27 23:29:36,829 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 327 [2024-11-27 23:29:36,831 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 429 states to 429 states and 527 transitions. [2024-11-27 23:29:36,832 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 345 [2024-11-27 23:29:36,832 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 345 [2024-11-27 23:29:36,832 INFO L73 IsDeterministic]: Start isDeterministic. Operand 429 states and 527 transitions. [2024-11-27 23:29:36,832 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:29:36,832 INFO L218 hiAutomatonCegarLoop]: Abstraction has 429 states and 527 transitions. [2024-11-27 23:29:36,833 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 429 states and 527 transitions. [2024-11-27 23:29:36,838 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 429 to 232. [2024-11-27 23:29:36,838 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 232 states, 232 states have (on average 1.25) internal successors, (290), 231 states have internal predecessors, (290), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:36,839 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 232 states to 232 states and 290 transitions. [2024-11-27 23:29:36,839 INFO L240 hiAutomatonCegarLoop]: Abstraction has 232 states and 290 transitions. [2024-11-27 23:29:36,840 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 81 states. [2024-11-27 23:29:36,840 INFO L425 stractBuchiCegarLoop]: Abstraction has 232 states and 290 transitions. [2024-11-27 23:29:36,840 INFO L332 stractBuchiCegarLoop]: ======== Iteration 23 ============ [2024-11-27 23:29:36,841 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 232 states and 290 transitions. [2024-11-27 23:29:36,842 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 176 [2024-11-27 23:29:36,842 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:29:36,842 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:29:36,843 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [10, 10, 9, 9, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:36,843 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [11, 11, 10, 9, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:36,843 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:36,844 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:36,844 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:36,844 INFO L85 PathProgramCache]: Analyzing trace with hash -1408330619, now seen corresponding path program 16 times [2024-11-27 23:29:36,844 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:36,844 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [868365576] [2024-11-27 23:29:36,844 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:36,845 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:36,858 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:36,858 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:36,867 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:36,871 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:36,871 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:36,871 INFO L85 PathProgramCache]: Analyzing trace with hash 883483736, now seen corresponding path program 17 times [2024-11-27 23:29:36,871 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:36,872 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [428901156] [2024-11-27 23:29:36,872 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:36,872 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:36,901 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:36,901 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:36,909 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:36,913 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:36,914 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:36,914 INFO L85 PathProgramCache]: Analyzing trace with hash -841058220, now seen corresponding path program 17 times [2024-11-27 23:29:36,914 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:36,914 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1476947382] [2024-11-27 23:29:36,914 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:36,914 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:36,942 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:38,032 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:29:38,032 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1476947382] [2024-11-27 23:29:38,033 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1476947382] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:29:38,033 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1869438952] [2024-11-27 23:29:38,033 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:38,033 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:29:38,033 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:29:38,037 INFO L229 MonitoredProcess]: Starting monitored process 57 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:29:38,038 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (57)] Waiting until timeout for monitored process [2024-11-27 23:29:38,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:38,260 INFO L256 TraceCheckSpWp]: Trace formula consists of 531 conjuncts, 109 conjuncts are in the unsatisfiable core [2024-11-27 23:29:38,263 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:29:38,461 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:29:38,527 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:29:38,599 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:29:38,767 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1869438952] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:29:38,767 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:29:38,768 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [26, 25, 25] total 26 [2024-11-27 23:29:38,768 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1316310249] [2024-11-27 23:29:38,768 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:29:40,779 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:29:40,779 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2024-11-27 23:29:40,779 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=50, Invalid=600, Unknown=0, NotChecked=0, Total=650 [2024-11-27 23:29:40,780 INFO L87 Difference]: Start difference. First operand 232 states and 290 transitions. cyclomatic complexity: 63 Second operand has 26 states, 26 states have (on average 3.576923076923077) internal successors, (93), 26 states have internal predecessors, (93), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:41,922 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:29:41,922 INFO L93 Difference]: Finished difference Result 158 states and 193 transitions. [2024-11-27 23:29:41,922 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 158 states and 193 transitions. [2024-11-27 23:29:41,923 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 57 [2024-11-27 23:29:41,924 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 158 states to 114 states and 140 transitions. [2024-11-27 23:29:41,924 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 67 [2024-11-27 23:29:41,924 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 67 [2024-11-27 23:29:41,924 INFO L73 IsDeterministic]: Start isDeterministic. Operand 114 states and 140 transitions. [2024-11-27 23:29:41,924 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:29:41,924 INFO L218 hiAutomatonCegarLoop]: Abstraction has 114 states and 140 transitions. [2024-11-27 23:29:41,925 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 114 states and 140 transitions. [2024-11-27 23:29:41,926 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 114 to 98. [2024-11-27 23:29:41,927 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 98 states, 98 states have (on average 1.2448979591836735) internal successors, (122), 97 states have internal predecessors, (122), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:41,927 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 122 transitions. [2024-11-27 23:29:41,927 INFO L240 hiAutomatonCegarLoop]: Abstraction has 98 states and 122 transitions. [2024-11-27 23:29:41,927 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 26 states. [2024-11-27 23:29:41,928 INFO L425 stractBuchiCegarLoop]: Abstraction has 98 states and 122 transitions. [2024-11-27 23:29:41,928 INFO L332 stractBuchiCegarLoop]: ======== Iteration 24 ============ [2024-11-27 23:29:41,928 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 98 states and 122 transitions. [2024-11-27 23:29:41,928 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 49 [2024-11-27 23:29:41,928 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:29:41,929 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:29:41,929 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [11, 11, 10, 10, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:41,929 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [11, 11, 10, 10, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:41,930 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:41,930 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:41,930 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:41,930 INFO L85 PathProgramCache]: Analyzing trace with hash -501868817, now seen corresponding path program 17 times [2024-11-27 23:29:41,930 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:41,930 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1273153744] [2024-11-27 23:29:41,931 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:41,931 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:41,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:41,948 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:41,957 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:41,962 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:41,962 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:41,962 INFO L85 PathProgramCache]: Analyzing trace with hash 182419158, now seen corresponding path program 18 times [2024-11-27 23:29:41,962 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:41,962 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1106676182] [2024-11-27 23:29:41,962 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:41,963 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:41,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:41,976 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:41,983 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:41,988 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:41,988 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:41,988 INFO L85 PathProgramCache]: Analyzing trace with hash -276260440, now seen corresponding path program 18 times [2024-11-27 23:29:41,988 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:41,989 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2029612861] [2024-11-27 23:29:41,989 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:41,989 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:42,016 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:43,443 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:29:43,444 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2029612861] [2024-11-27 23:29:43,444 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2029612861] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:29:43,444 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1694265771] [2024-11-27 23:29:43,444 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:43,444 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:29:43,444 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:29:43,446 INFO L229 MonitoredProcess]: Starting monitored process 58 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:29:43,448 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (58)] Waiting until timeout for monitored process [2024-11-27 23:29:43,671 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:43,675 INFO L256 TraceCheckSpWp]: Trace formula consists of 554 conjuncts, 125 conjuncts are in the unsatisfiable core [2024-11-27 23:29:43,679 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:29:44,267 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:29:45,109 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:29:45,109 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:29:45,156 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:29:45,487 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:29:45,487 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:29:46,680 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1694265771] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:29:46,680 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:29:46,680 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [32, 30, 30] total 78 [2024-11-27 23:29:46,680 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1586746751] [2024-11-27 23:29:46,681 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:29:48,526 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:29:48,527 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 78 interpolants. [2024-11-27 23:29:48,528 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=256, Invalid=5750, Unknown=0, NotChecked=0, Total=6006 [2024-11-27 23:29:48,528 INFO L87 Difference]: Start difference. First operand 98 states and 122 transitions. cyclomatic complexity: 27 Second operand has 78 states, 78 states have (on average 3.0384615384615383) internal successors, (237), 78 states have internal predecessors, (237), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:58,473 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:29:58,473 INFO L93 Difference]: Finished difference Result 472 states and 581 transitions. [2024-11-27 23:29:58,473 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 472 states and 581 transitions. [2024-11-27 23:29:58,475 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 362 [2024-11-27 23:29:58,478 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 472 states to 472 states and 581 transitions. [2024-11-27 23:29:58,478 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 380 [2024-11-27 23:29:58,479 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 380 [2024-11-27 23:29:58,479 INFO L73 IsDeterministic]: Start isDeterministic. Operand 472 states and 581 transitions. [2024-11-27 23:29:58,479 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:29:58,479 INFO L218 hiAutomatonCegarLoop]: Abstraction has 472 states and 581 transitions. [2024-11-27 23:29:58,480 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 472 states and 581 transitions. [2024-11-27 23:29:58,485 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 472 to 254. [2024-11-27 23:29:58,486 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 254 states, 254 states have (on average 1.2519685039370079) internal successors, (318), 253 states have internal predecessors, (318), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:29:58,487 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 254 states to 254 states and 318 transitions. [2024-11-27 23:29:58,487 INFO L240 hiAutomatonCegarLoop]: Abstraction has 254 states and 318 transitions. [2024-11-27 23:29:58,492 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 88 states. [2024-11-27 23:29:58,492 INFO L425 stractBuchiCegarLoop]: Abstraction has 254 states and 318 transitions. [2024-11-27 23:29:58,492 INFO L332 stractBuchiCegarLoop]: ======== Iteration 25 ============ [2024-11-27 23:29:58,492 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 254 states and 318 transitions. [2024-11-27 23:29:58,494 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 194 [2024-11-27 23:29:58,494 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:29:58,494 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:29:58,495 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [11, 11, 10, 10, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:58,495 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [12, 12, 11, 10, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:29:58,495 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:58,495 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:29:58,495 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:58,495 INFO L85 PathProgramCache]: Analyzing trace with hash -501868817, now seen corresponding path program 18 times [2024-11-27 23:29:58,496 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:58,496 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1499825711] [2024-11-27 23:29:58,496 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:58,496 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:58,515 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:58,515 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:58,526 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:58,531 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:58,532 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:58,532 INFO L85 PathProgramCache]: Analyzing trace with hash 1054306496, now seen corresponding path program 19 times [2024-11-27 23:29:58,532 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:58,532 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [125952117] [2024-11-27 23:29:58,532 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:58,533 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:58,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:58,551 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:29:58,561 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:29:58,567 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:29:58,567 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:29:58,567 INFO L85 PathProgramCache]: Analyzing trace with hash 552784530, now seen corresponding path program 19 times [2024-11-27 23:29:58,567 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:29:58,567 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [853034985] [2024-11-27 23:29:58,568 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:58,568 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:29:58,604 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:29:59,854 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:29:59,855 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [853034985] [2024-11-27 23:29:59,855 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [853034985] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:29:59,855 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [297419485] [2024-11-27 23:29:59,855 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:29:59,855 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:29:59,855 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:29:59,857 INFO L229 MonitoredProcess]: Starting monitored process 59 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:29:59,859 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (59)] Waiting until timeout for monitored process [2024-11-27 23:30:00,070 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:30:00,073 INFO L256 TraceCheckSpWp]: Trace formula consists of 572 conjuncts, 117 conjuncts are in the unsatisfiable core [2024-11-27 23:30:00,077 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:30:00,617 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:30:00,739 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:30:00,822 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:30:01,008 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [297419485] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:30:01,008 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:30:01,008 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [29, 27, 27] total 44 [2024-11-27 23:30:01,008 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1911087315] [2024-11-27 23:30:01,008 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:30:03,247 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:30:03,248 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 44 interpolants. [2024-11-27 23:30:03,248 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=117, Invalid=1775, Unknown=0, NotChecked=0, Total=1892 [2024-11-27 23:30:03,248 INFO L87 Difference]: Start difference. First operand 254 states and 318 transitions. cyclomatic complexity: 69 Second operand has 44 states, 44 states have (on average 3.477272727272727) internal successors, (153), 44 states have internal predecessors, (153), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:30:05,056 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:30:05,056 INFO L93 Difference]: Finished difference Result 170 states and 208 transitions. [2024-11-27 23:30:05,056 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 170 states and 208 transitions. [2024-11-27 23:30:05,057 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 61 [2024-11-27 23:30:05,058 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 170 states to 122 states and 150 transitions. [2024-11-27 23:30:05,058 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 71 [2024-11-27 23:30:05,058 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 71 [2024-11-27 23:30:05,058 INFO L73 IsDeterministic]: Start isDeterministic. Operand 122 states and 150 transitions. [2024-11-27 23:30:05,058 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:30:05,058 INFO L218 hiAutomatonCegarLoop]: Abstraction has 122 states and 150 transitions. [2024-11-27 23:30:05,058 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 122 states and 150 transitions. [2024-11-27 23:30:05,060 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 122 to 106. [2024-11-27 23:30:05,060 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 106 states, 106 states have (on average 1.2452830188679245) internal successors, (132), 105 states have internal predecessors, (132), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:30:05,061 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 106 states to 106 states and 132 transitions. [2024-11-27 23:30:05,061 INFO L240 hiAutomatonCegarLoop]: Abstraction has 106 states and 132 transitions. [2024-11-27 23:30:05,061 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2024-11-27 23:30:05,061 INFO L425 stractBuchiCegarLoop]: Abstraction has 106 states and 132 transitions. [2024-11-27 23:30:05,061 INFO L332 stractBuchiCegarLoop]: ======== Iteration 26 ============ [2024-11-27 23:30:05,061 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 106 states and 132 transitions. [2024-11-27 23:30:05,062 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 53 [2024-11-27 23:30:05,062 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:30:05,062 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:30:05,063 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [12, 12, 11, 11, 1, 1, 1, 1, 1, 1] [2024-11-27 23:30:05,063 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [12, 12, 11, 11, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:30:05,063 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:30:05,063 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:30:05,063 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:30:05,063 INFO L85 PathProgramCache]: Analyzing trace with hash -362654631, now seen corresponding path program 19 times [2024-11-27 23:30:05,064 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:30:05,064 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [839383193] [2024-11-27 23:30:05,064 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:05,064 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:30:05,080 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:05,080 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:30:05,089 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:05,094 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:30:05,095 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:30:05,095 INFO L85 PathProgramCache]: Analyzing trace with hash 353241918, now seen corresponding path program 20 times [2024-11-27 23:30:05,095 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:30:05,095 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [664122408] [2024-11-27 23:30:05,095 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:05,095 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:30:05,110 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:05,110 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:30:05,119 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:05,124 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:30:05,124 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:30:05,125 INFO L85 PathProgramCache]: Analyzing trace with hash -487866906, now seen corresponding path program 20 times [2024-11-27 23:30:05,125 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:30:05,125 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [478398433] [2024-11-27 23:30:05,125 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:05,125 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:30:05,155 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:30:06,531 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:30:06,531 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [478398433] [2024-11-27 23:30:06,531 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [478398433] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:30:06,531 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1358115198] [2024-11-27 23:30:06,531 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:06,531 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:30:06,531 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:30:06,533 INFO L229 MonitoredProcess]: Starting monitored process 60 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:30:06,536 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (60)] Waiting until timeout for monitored process [2024-11-27 23:30:06,746 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:30:06,750 INFO L256 TraceCheckSpWp]: Trace formula consists of 595 conjuncts, 133 conjuncts are in the unsatisfiable core [2024-11-27 23:30:06,754 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:30:07,386 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:30:08,255 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:30:08,255 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:30:08,301 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:30:08,640 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:30:08,640 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 115 treesize of output 91 [2024-11-27 23:30:09,974 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1358115198] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:30:09,974 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:30:09,974 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [34, 32, 32] total 83 [2024-11-27 23:30:09,975 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1599701749] [2024-11-27 23:30:09,975 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:30:12,110 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:30:12,111 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 83 interpolants. [2024-11-27 23:30:12,112 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=271, Invalid=6535, Unknown=0, NotChecked=0, Total=6806 [2024-11-27 23:30:12,112 INFO L87 Difference]: Start difference. First operand 106 states and 132 transitions. cyclomatic complexity: 29 Second operand has 83 states, 83 states have (on average 3.0963855421686746) internal successors, (257), 83 states have internal predecessors, (257), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:30:22,889 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:30:22,890 INFO L93 Difference]: Finished difference Result 515 states and 635 transitions. [2024-11-27 23:30:22,890 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 515 states and 635 transitions. [2024-11-27 23:30:22,891 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 397 [2024-11-27 23:30:22,893 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 515 states to 515 states and 635 transitions. [2024-11-27 23:30:22,893 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 415 [2024-11-27 23:30:22,894 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 415 [2024-11-27 23:30:22,894 INFO L73 IsDeterministic]: Start isDeterministic. Operand 515 states and 635 transitions. [2024-11-27 23:30:22,895 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:30:22,895 INFO L218 hiAutomatonCegarLoop]: Abstraction has 515 states and 635 transitions. [2024-11-27 23:30:22,895 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 515 states and 635 transitions. [2024-11-27 23:30:22,900 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 515 to 276. [2024-11-27 23:30:22,900 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 276 states, 276 states have (on average 1.2536231884057971) internal successors, (346), 275 states have internal predecessors, (346), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:30:22,901 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 276 states to 276 states and 346 transitions. [2024-11-27 23:30:22,901 INFO L240 hiAutomatonCegarLoop]: Abstraction has 276 states and 346 transitions. [2024-11-27 23:30:22,902 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 95 states. [2024-11-27 23:30:22,902 INFO L425 stractBuchiCegarLoop]: Abstraction has 276 states and 346 transitions. [2024-11-27 23:30:22,902 INFO L332 stractBuchiCegarLoop]: ======== Iteration 27 ============ [2024-11-27 23:30:22,903 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 276 states and 346 transitions. [2024-11-27 23:30:22,903 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 212 [2024-11-27 23:30:22,904 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:30:22,904 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:30:22,904 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [12, 12, 11, 11, 1, 1, 1, 1, 1, 1] [2024-11-27 23:30:22,905 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [13, 13, 12, 11, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:30:22,905 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:30:22,905 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:30:22,905 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:30:22,906 INFO L85 PathProgramCache]: Analyzing trace with hash -362654631, now seen corresponding path program 20 times [2024-11-27 23:30:22,906 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:30:22,906 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [384311457] [2024-11-27 23:30:22,906 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:22,906 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:30:22,920 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:22,920 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:30:22,929 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:22,933 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:30:22,934 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:30:22,934 INFO L85 PathProgramCache]: Analyzing trace with hash 1016695080, now seen corresponding path program 21 times [2024-11-27 23:30:22,934 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:30:22,934 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [956609783] [2024-11-27 23:30:22,934 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:22,934 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:30:22,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:22,948 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:30:22,957 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:22,962 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:30:22,962 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:30:22,962 INFO L85 PathProgramCache]: Analyzing trace with hash -1450334256, now seen corresponding path program 21 times [2024-11-27 23:30:22,962 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:30:22,962 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2112034762] [2024-11-27 23:30:22,962 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:22,963 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:30:22,994 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:30:24,819 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:30:24,820 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2112034762] [2024-11-27 23:30:24,820 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2112034762] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:30:24,820 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1729353106] [2024-11-27 23:30:24,820 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:24,820 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:30:24,820 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:30:24,824 INFO L229 MonitoredProcess]: Starting monitored process 61 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:30:24,836 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (61)] Waiting until timeout for monitored process [2024-11-27 23:30:25,045 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:30:25,049 INFO L256 TraceCheckSpWp]: Trace formula consists of 613 conjuncts, 125 conjuncts are in the unsatisfiable core [2024-11-27 23:30:25,052 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:30:25,803 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:30:26,524 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:30:26,600 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:30:26,792 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1729353106] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:30:26,792 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:30:26,792 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [38, 29, 29] total 65 [2024-11-27 23:30:26,792 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1988473533] [2024-11-27 23:30:26,792 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:30:29,225 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:30:29,226 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 65 interpolants. [2024-11-27 23:30:29,227 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=152, Invalid=4008, Unknown=0, NotChecked=0, Total=4160 [2024-11-27 23:30:29,228 INFO L87 Difference]: Start difference. First operand 276 states and 346 transitions. cyclomatic complexity: 75 Second operand has 65 states, 65 states have (on average 3.1846153846153844) internal successors, (207), 65 states have internal predecessors, (207), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:30:36,114 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:30:36,114 INFO L93 Difference]: Finished difference Result 235 states and 288 transitions. [2024-11-27 23:30:36,114 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 235 states and 288 transitions. [2024-11-27 23:30:36,115 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 69 [2024-11-27 23:30:36,116 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 235 states to 138 states and 170 transitions. [2024-11-27 23:30:36,116 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 79 [2024-11-27 23:30:36,116 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 79 [2024-11-27 23:30:36,116 INFO L73 IsDeterministic]: Start isDeterministic. Operand 138 states and 170 transitions. [2024-11-27 23:30:36,117 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:30:36,117 INFO L218 hiAutomatonCegarLoop]: Abstraction has 138 states and 170 transitions. [2024-11-27 23:30:36,117 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 138 states and 170 transitions. [2024-11-27 23:30:36,119 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 138 to 114. [2024-11-27 23:30:36,119 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 114 states, 114 states have (on average 1.2456140350877194) internal successors, (142), 113 states have internal predecessors, (142), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:30:36,120 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 114 states to 114 states and 142 transitions. [2024-11-27 23:30:36,120 INFO L240 hiAutomatonCegarLoop]: Abstraction has 114 states and 142 transitions. [2024-11-27 23:30:36,120 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 51 states. [2024-11-27 23:30:36,120 INFO L425 stractBuchiCegarLoop]: Abstraction has 114 states and 142 transitions. [2024-11-27 23:30:36,121 INFO L332 stractBuchiCegarLoop]: ======== Iteration 28 ============ [2024-11-27 23:30:36,121 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 114 states and 142 transitions. [2024-11-27 23:30:36,121 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 57 [2024-11-27 23:30:36,121 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:30:36,121 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:30:36,122 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [13, 13, 12, 12, 1, 1, 1, 1, 1, 1] [2024-11-27 23:30:36,122 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [13, 13, 12, 12, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:30:36,122 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:30:36,122 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:30:36,122 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:30:36,122 INFO L85 PathProgramCache]: Analyzing trace with hash 1310575811, now seen corresponding path program 21 times [2024-11-27 23:30:36,123 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:30:36,123 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [264459962] [2024-11-27 23:30:36,123 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:36,123 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:30:36,139 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:36,140 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:30:36,150 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:36,158 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:30:36,160 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:30:36,160 INFO L85 PathProgramCache]: Analyzing trace with hash 315630502, now seen corresponding path program 22 times [2024-11-27 23:30:36,160 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:30:36,160 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2058037798] [2024-11-27 23:30:36,160 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:36,161 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:30:36,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:36,177 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:30:36,189 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:30:36,195 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:30:36,195 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:30:36,195 INFO L85 PathProgramCache]: Analyzing trace with hash -580166364, now seen corresponding path program 22 times [2024-11-27 23:30:36,195 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:30:36,195 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [872647556] [2024-11-27 23:30:36,195 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:36,195 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:30:36,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:30:38,020 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:30:38,021 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [872647556] [2024-11-27 23:30:38,021 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [872647556] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:30:38,021 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [289564757] [2024-11-27 23:30:38,021 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:30:38,021 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:30:38,021 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:30:38,023 INFO L229 MonitoredProcess]: Starting monitored process 62 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:30:38,025 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (62)] Waiting until timeout for monitored process [2024-11-27 23:30:38,249 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:30:38,252 INFO L256 TraceCheckSpWp]: Trace formula consists of 636 conjuncts, 147 conjuncts are in the unsatisfiable core [2024-11-27 23:30:38,256 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:30:39,006 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:30:40,315 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:30:42,306 INFO L349 Elim1Store]: treesize reduction 8, result has 68.0 percent of original size [2024-11-27 23:30:42,306 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 141 treesize of output 129 [2024-11-27 23:30:44,033 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [289564757] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:30:44,034 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:30:44,034 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [36, 34, 36] total 103 [2024-11-27 23:30:44,034 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1004477975] [2024-11-27 23:30:44,034 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:30:46,320 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:30:46,321 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 103 interpolants. [2024-11-27 23:30:46,323 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=349, Invalid=10157, Unknown=0, NotChecked=0, Total=10506 [2024-11-27 23:30:46,323 INFO L87 Difference]: Start difference. First operand 114 states and 142 transitions. cyclomatic complexity: 31 Second operand has 103 states, 103 states have (on average 3.1553398058252426) internal successors, (325), 103 states have internal predecessors, (325), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:31:01,812 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:31:01,813 INFO L93 Difference]: Finished difference Result 558 states and 689 transitions. [2024-11-27 23:31:01,813 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 558 states and 689 transitions. [2024-11-27 23:31:01,814 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 432 [2024-11-27 23:31:01,816 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 558 states to 558 states and 689 transitions. [2024-11-27 23:31:01,816 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 450 [2024-11-27 23:31:01,817 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 450 [2024-11-27 23:31:01,817 INFO L73 IsDeterministic]: Start isDeterministic. Operand 558 states and 689 transitions. [2024-11-27 23:31:01,817 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:31:01,817 INFO L218 hiAutomatonCegarLoop]: Abstraction has 558 states and 689 transitions. [2024-11-27 23:31:01,818 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 558 states and 689 transitions. [2024-11-27 23:31:01,822 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 558 to 298. [2024-11-27 23:31:01,823 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 298 states, 298 states have (on average 1.25503355704698) internal successors, (374), 297 states have internal predecessors, (374), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:31:01,824 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 298 states to 298 states and 374 transitions. [2024-11-27 23:31:01,824 INFO L240 hiAutomatonCegarLoop]: Abstraction has 298 states and 374 transitions. [2024-11-27 23:31:01,825 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 105 states. [2024-11-27 23:31:01,825 INFO L425 stractBuchiCegarLoop]: Abstraction has 298 states and 374 transitions. [2024-11-27 23:31:01,825 INFO L332 stractBuchiCegarLoop]: ======== Iteration 29 ============ [2024-11-27 23:31:01,825 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 298 states and 374 transitions. [2024-11-27 23:31:01,826 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 230 [2024-11-27 23:31:01,826 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:31:01,826 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:31:01,827 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [13, 13, 12, 12, 1, 1, 1, 1, 1, 1] [2024-11-27 23:31:01,827 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [14, 14, 13, 12, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:31:01,827 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:31:01,827 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:31:01,828 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:01,828 INFO L85 PathProgramCache]: Analyzing trace with hash 1310575811, now seen corresponding path program 22 times [2024-11-27 23:31:01,828 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:01,828 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [962451961] [2024-11-27 23:31:01,828 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:01,828 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:01,841 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:01,841 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:31:01,847 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:01,851 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:31:01,852 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:01,852 INFO L85 PathProgramCache]: Analyzing trace with hash -515297904, now seen corresponding path program 23 times [2024-11-27 23:31:01,852 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:01,852 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1289493480] [2024-11-27 23:31:01,852 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:01,852 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:01,868 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:01,869 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:31:01,878 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:01,883 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:31:01,884 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:01,884 INFO L85 PathProgramCache]: Analyzing trace with hash 277837838, now seen corresponding path program 23 times [2024-11-27 23:31:01,884 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:01,884 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1492453836] [2024-11-27 23:31:01,884 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:01,884 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:01,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:31:03,840 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:31:03,840 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1492453836] [2024-11-27 23:31:03,840 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1492453836] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:31:03,840 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [880516545] [2024-11-27 23:31:03,840 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:03,840 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:31:03,840 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:31:03,843 INFO L229 MonitoredProcess]: Starting monitored process 63 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:31:03,844 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (63)] Waiting until timeout for monitored process [2024-11-27 23:31:04,074 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:31:04,077 INFO L256 TraceCheckSpWp]: Trace formula consists of 654 conjuncts, 133 conjuncts are in the unsatisfiable core [2024-11-27 23:31:04,081 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:31:04,907 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:31:05,717 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:31:05,822 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:31:06,027 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [880516545] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:31:06,027 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:31:06,027 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [40, 31, 31] total 69 [2024-11-27 23:31:06,027 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [170086858] [2024-11-27 23:31:06,027 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:31:08,564 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:31:08,564 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 69 interpolants. [2024-11-27 23:31:08,565 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=160, Invalid=4532, Unknown=0, NotChecked=0, Total=4692 [2024-11-27 23:31:08,565 INFO L87 Difference]: Start difference. First operand 298 states and 374 transitions. cyclomatic complexity: 81 Second operand has 69 states, 69 states have (on average 3.2318840579710146) internal successors, (223), 69 states have internal predecessors, (223), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:31:15,801 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:31:15,801 INFO L93 Difference]: Finished difference Result 251 states and 308 transitions. [2024-11-27 23:31:15,801 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 251 states and 308 transitions. [2024-11-27 23:31:15,802 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 73 [2024-11-27 23:31:15,803 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 251 states to 146 states and 180 transitions. [2024-11-27 23:31:15,803 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 83 [2024-11-27 23:31:15,803 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 83 [2024-11-27 23:31:15,803 INFO L73 IsDeterministic]: Start isDeterministic. Operand 146 states and 180 transitions. [2024-11-27 23:31:15,803 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:31:15,803 INFO L218 hiAutomatonCegarLoop]: Abstraction has 146 states and 180 transitions. [2024-11-27 23:31:15,804 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 146 states and 180 transitions. [2024-11-27 23:31:15,805 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 146 to 122. [2024-11-27 23:31:15,806 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 122 states, 122 states have (on average 1.2459016393442623) internal successors, (152), 121 states have internal predecessors, (152), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:31:15,806 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 122 states to 122 states and 152 transitions. [2024-11-27 23:31:15,806 INFO L240 hiAutomatonCegarLoop]: Abstraction has 122 states and 152 transitions. [2024-11-27 23:31:15,806 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 54 states. [2024-11-27 23:31:15,807 INFO L425 stractBuchiCegarLoop]: Abstraction has 122 states and 152 transitions. [2024-11-27 23:31:15,807 INFO L332 stractBuchiCegarLoop]: ======== Iteration 30 ============ [2024-11-27 23:31:15,807 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 122 states and 152 transitions. [2024-11-27 23:31:15,808 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 61 [2024-11-27 23:31:15,808 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:31:15,808 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:31:15,809 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [14, 14, 13, 13, 1, 1, 1, 1, 1, 1] [2024-11-27 23:31:15,809 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [14, 14, 13, 13, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:31:15,809 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:31:15,809 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:31:15,809 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:15,810 INFO L85 PathProgramCache]: Analyzing trace with hash -46989267, now seen corresponding path program 23 times [2024-11-27 23:31:15,810 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:15,810 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1650348250] [2024-11-27 23:31:15,810 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:15,810 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:15,825 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:15,825 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:31:15,836 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:15,841 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:31:15,841 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:15,841 INFO L85 PathProgramCache]: Analyzing trace with hash -1216362482, now seen corresponding path program 24 times [2024-11-27 23:31:15,841 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:15,841 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1320686439] [2024-11-27 23:31:15,841 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:15,842 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:15,855 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:15,856 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:31:15,865 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:15,869 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:31:15,870 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:15,870 INFO L85 PathProgramCache]: Analyzing trace with hash -1847068830, now seen corresponding path program 24 times [2024-11-27 23:31:15,870 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:15,870 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1322116577] [2024-11-27 23:31:15,870 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:15,870 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:15,908 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:31:17,607 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:31:17,607 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1322116577] [2024-11-27 23:31:17,607 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1322116577] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:31:17,607 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [540472585] [2024-11-27 23:31:17,608 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:17,608 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:31:17,608 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:31:17,610 INFO L229 MonitoredProcess]: Starting monitored process 64 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:31:17,611 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (64)] Waiting until timeout for monitored process [2024-11-27 23:31:17,852 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:31:17,855 INFO L256 TraceCheckSpWp]: Trace formula consists of 677 conjuncts, 149 conjuncts are in the unsatisfiable core [2024-11-27 23:31:17,860 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:31:18,717 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:31:19,913 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:31:19,913 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:31:19,969 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:31:20,399 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:31:20,399 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 115 treesize of output 91 [2024-11-27 23:31:22,147 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [540472585] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:31:22,147 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:31:22,147 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [38, 36, 36] total 91 [2024-11-27 23:31:22,147 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1433812769] [2024-11-27 23:31:22,147 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:31:24,752 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:31:24,752 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 91 interpolants. [2024-11-27 23:31:24,753 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=251, Invalid=7939, Unknown=0, NotChecked=0, Total=8190 [2024-11-27 23:31:24,753 INFO L87 Difference]: Start difference. First operand 122 states and 152 transitions. cyclomatic complexity: 33 Second operand has 91 states, 91 states have (on average 3.2527472527472527) internal successors, (296), 91 states have internal predecessors, (296), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:31:42,868 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:31:42,868 INFO L93 Difference]: Finished difference Result 601 states and 743 transitions. [2024-11-27 23:31:42,868 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 601 states and 743 transitions. [2024-11-27 23:31:42,869 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 467 [2024-11-27 23:31:42,872 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 601 states to 601 states and 743 transitions. [2024-11-27 23:31:42,872 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 485 [2024-11-27 23:31:42,872 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 485 [2024-11-27 23:31:42,872 INFO L73 IsDeterministic]: Start isDeterministic. Operand 601 states and 743 transitions. [2024-11-27 23:31:42,873 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:31:42,873 INFO L218 hiAutomatonCegarLoop]: Abstraction has 601 states and 743 transitions. [2024-11-27 23:31:42,874 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 601 states and 743 transitions. [2024-11-27 23:31:42,879 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 601 to 320. [2024-11-27 23:31:42,880 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 320 states, 320 states have (on average 1.25625) internal successors, (402), 319 states have internal predecessors, (402), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:31:42,881 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 320 states to 320 states and 402 transitions. [2024-11-27 23:31:42,881 INFO L240 hiAutomatonCegarLoop]: Abstraction has 320 states and 402 transitions. [2024-11-27 23:31:42,886 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 109 states. [2024-11-27 23:31:42,886 INFO L425 stractBuchiCegarLoop]: Abstraction has 320 states and 402 transitions. [2024-11-27 23:31:42,886 INFO L332 stractBuchiCegarLoop]: ======== Iteration 31 ============ [2024-11-27 23:31:42,886 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 320 states and 402 transitions. [2024-11-27 23:31:42,887 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 248 [2024-11-27 23:31:42,887 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:31:42,888 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:31:42,889 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [14, 14, 13, 13, 1, 1, 1, 1, 1, 1] [2024-11-27 23:31:42,889 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [15, 15, 14, 13, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:31:42,890 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:31:42,890 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:31:42,890 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:42,890 INFO L85 PathProgramCache]: Analyzing trace with hash -46989267, now seen corresponding path program 24 times [2024-11-27 23:31:42,890 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:42,891 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1115625019] [2024-11-27 23:31:42,891 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:42,891 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:42,907 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:42,908 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:31:42,918 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:42,924 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:31:42,924 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:42,925 INFO L85 PathProgramCache]: Analyzing trace with hash -1556062728, now seen corresponding path program 25 times [2024-11-27 23:31:42,925 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:42,925 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1893158030] [2024-11-27 23:31:42,925 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:42,925 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:42,942 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:42,942 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:31:42,952 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:42,957 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:31:42,957 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:42,957 INFO L85 PathProgramCache]: Analyzing trace with hash -1533492404, now seen corresponding path program 25 times [2024-11-27 23:31:42,957 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:42,958 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [776530144] [2024-11-27 23:31:42,958 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:42,958 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:42,996 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:31:44,432 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:31:44,432 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [776530144] [2024-11-27 23:31:44,432 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [776530144] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:31:44,432 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [955276774] [2024-11-27 23:31:44,432 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:44,433 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:31:44,433 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:31:44,439 INFO L229 MonitoredProcess]: Starting monitored process 65 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:31:44,440 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (65)] Waiting until timeout for monitored process [2024-11-27 23:31:44,692 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:31:44,695 INFO L256 TraceCheckSpWp]: Trace formula consists of 695 conjuncts, 141 conjuncts are in the unsatisfiable core [2024-11-27 23:31:44,699 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:31:45,443 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:31:45,598 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:31:45,695 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:31:45,980 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [955276774] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:31:45,981 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:31:45,981 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [35, 33, 33] total 53 [2024-11-27 23:31:45,981 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1302154009] [2024-11-27 23:31:45,981 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:31:49,008 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:31:49,009 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 53 interpolants. [2024-11-27 23:31:49,009 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=141, Invalid=2615, Unknown=0, NotChecked=0, Total=2756 [2024-11-27 23:31:49,009 INFO L87 Difference]: Start difference. First operand 320 states and 402 transitions. cyclomatic complexity: 87 Second operand has 53 states, 53 states have (on average 3.5660377358490565) internal successors, (189), 53 states have internal predecessors, (189), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:31:52,364 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:31:52,365 INFO L93 Difference]: Finished difference Result 206 states and 253 transitions. [2024-11-27 23:31:52,365 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 206 states and 253 transitions. [2024-11-27 23:31:52,366 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 73 [2024-11-27 23:31:52,367 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 206 states to 146 states and 180 transitions. [2024-11-27 23:31:52,367 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 83 [2024-11-27 23:31:52,367 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 83 [2024-11-27 23:31:52,367 INFO L73 IsDeterministic]: Start isDeterministic. Operand 146 states and 180 transitions. [2024-11-27 23:31:52,368 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:31:52,368 INFO L218 hiAutomatonCegarLoop]: Abstraction has 146 states and 180 transitions. [2024-11-27 23:31:52,368 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 146 states and 180 transitions. [2024-11-27 23:31:52,370 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 146 to 130. [2024-11-27 23:31:52,370 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 130 states, 130 states have (on average 1.2461538461538462) internal successors, (162), 129 states have internal predecessors, (162), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:31:52,371 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 130 states to 130 states and 162 transitions. [2024-11-27 23:31:52,371 INFO L240 hiAutomatonCegarLoop]: Abstraction has 130 states and 162 transitions. [2024-11-27 23:31:52,371 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 35 states. [2024-11-27 23:31:52,372 INFO L425 stractBuchiCegarLoop]: Abstraction has 130 states and 162 transitions. [2024-11-27 23:31:52,372 INFO L332 stractBuchiCegarLoop]: ======== Iteration 32 ============ [2024-11-27 23:31:52,372 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 130 states and 162 transitions. [2024-11-27 23:31:52,372 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 65 [2024-11-27 23:31:52,372 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:31:52,372 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:31:52,373 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [15, 15, 14, 14, 1, 1, 1, 1, 1, 1] [2024-11-27 23:31:52,373 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [15, 15, 14, 14, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:31:52,374 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:31:52,374 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:31:52,374 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:52,374 INFO L85 PathProgramCache]: Analyzing trace with hash -296980841, now seen corresponding path program 25 times [2024-11-27 23:31:52,375 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:52,375 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2008559649] [2024-11-27 23:31:52,375 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:52,375 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:52,389 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:52,389 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:31:52,398 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:52,403 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:31:52,404 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:52,404 INFO L85 PathProgramCache]: Analyzing trace with hash 2037839990, now seen corresponding path program 26 times [2024-11-27 23:31:52,404 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:52,404 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1840178104] [2024-11-27 23:31:52,405 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:52,405 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:52,425 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:52,425 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:31:52,438 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:31:52,443 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:31:52,443 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:31:52,444 INFO L85 PathProgramCache]: Analyzing trace with hash 1493306528, now seen corresponding path program 26 times [2024-11-27 23:31:52,444 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:31:52,444 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2084810967] [2024-11-27 23:31:52,444 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:52,444 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:31:52,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:31:54,662 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:31:54,663 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2084810967] [2024-11-27 23:31:54,663 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2084810967] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:31:54,663 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1923877792] [2024-11-27 23:31:54,663 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:31:54,663 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:31:54,663 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:31:54,665 INFO L229 MonitoredProcess]: Starting monitored process 66 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:31:54,667 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (66)] Waiting until timeout for monitored process [2024-11-27 23:31:54,946 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:31:54,951 INFO L256 TraceCheckSpWp]: Trace formula consists of 718 conjuncts, 157 conjuncts are in the unsatisfiable core [2024-11-27 23:31:54,957 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:31:55,304 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:31:56,597 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:31:56,597 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:31:56,658 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:31:57,138 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:31:57,138 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:31:59,288 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1923877792] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:31:59,288 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:31:59,288 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [39, 38, 38] total 76 [2024-11-27 23:31:59,288 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1241189006] [2024-11-27 23:31:59,288 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:32:02,881 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:32:02,881 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 76 interpolants. [2024-11-27 23:32:02,882 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=203, Invalid=5497, Unknown=0, NotChecked=0, Total=5700 [2024-11-27 23:32:02,882 INFO L87 Difference]: Start difference. First operand 130 states and 162 transitions. cyclomatic complexity: 35 Second operand has 76 states, 76 states have (on average 3.3026315789473686) internal successors, (251), 76 states have internal predecessors, (251), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:32:18,084 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:32:18,084 INFO L93 Difference]: Finished difference Result 644 states and 797 transitions. [2024-11-27 23:32:18,084 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 644 states and 797 transitions. [2024-11-27 23:32:18,086 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 502 [2024-11-27 23:32:18,087 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 644 states to 644 states and 797 transitions. [2024-11-27 23:32:18,087 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 520 [2024-11-27 23:32:18,088 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 520 [2024-11-27 23:32:18,088 INFO L73 IsDeterministic]: Start isDeterministic. Operand 644 states and 797 transitions. [2024-11-27 23:32:18,088 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:32:18,088 INFO L218 hiAutomatonCegarLoop]: Abstraction has 644 states and 797 transitions. [2024-11-27 23:32:18,089 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 644 states and 797 transitions. [2024-11-27 23:32:18,094 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 644 to 342. [2024-11-27 23:32:18,094 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 342 states, 342 states have (on average 1.2573099415204678) internal successors, (430), 341 states have internal predecessors, (430), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:32:18,095 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 342 states to 342 states and 430 transitions. [2024-11-27 23:32:18,096 INFO L240 hiAutomatonCegarLoop]: Abstraction has 342 states and 430 transitions. [2024-11-27 23:32:18,096 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 115 states. [2024-11-27 23:32:18,096 INFO L425 stractBuchiCegarLoop]: Abstraction has 342 states and 430 transitions. [2024-11-27 23:32:18,097 INFO L332 stractBuchiCegarLoop]: ======== Iteration 33 ============ [2024-11-27 23:32:18,097 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 342 states and 430 transitions. [2024-11-27 23:32:18,098 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 266 [2024-11-27 23:32:18,098 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:32:18,098 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:32:18,099 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [15, 15, 14, 14, 1, 1, 1, 1, 1, 1] [2024-11-27 23:32:18,099 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [16, 16, 15, 14, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:32:18,099 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:32:18,099 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:32:18,099 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:32:18,100 INFO L85 PathProgramCache]: Analyzing trace with hash -296980841, now seen corresponding path program 26 times [2024-11-27 23:32:18,100 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:32:18,100 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1528359194] [2024-11-27 23:32:18,100 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:32:18,100 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:32:18,117 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:32:18,117 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:32:18,128 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:32:18,134 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:32:18,134 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:32:18,134 INFO L85 PathProgramCache]: Analyzing trace with hash 1004083808, now seen corresponding path program 27 times [2024-11-27 23:32:18,134 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:32:18,135 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1209233975] [2024-11-27 23:32:18,135 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:32:18,135 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:32:18,155 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:32:18,155 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:32:18,169 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:32:18,175 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:32:18,176 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:32:18,176 INFO L85 PathProgramCache]: Analyzing trace with hash 2047478154, now seen corresponding path program 27 times [2024-11-27 23:32:18,176 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:32:18,176 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1172425943] [2024-11-27 23:32:18,176 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:32:18,176 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:32:18,222 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:32:20,023 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:32:20,023 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1172425943] [2024-11-27 23:32:20,024 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1172425943] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:32:20,024 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2050077125] [2024-11-27 23:32:20,024 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:32:20,024 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:32:20,024 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:32:20,026 INFO L229 MonitoredProcess]: Starting monitored process 67 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:32:20,029 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (67)] Waiting until timeout for monitored process [2024-11-27 23:32:20,336 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:32:20,340 INFO L256 TraceCheckSpWp]: Trace formula consists of 736 conjuncts, 149 conjuncts are in the unsatisfiable core [2024-11-27 23:32:20,346 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:32:21,377 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:32:21,584 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:32:21,694 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:32:21,998 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2050077125] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:32:21,999 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:32:21,999 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [37, 35, 35] total 56 [2024-11-27 23:32:21,999 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1965888520] [2024-11-27 23:32:21,999 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:32:25,901 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:32:25,901 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 56 interpolants. [2024-11-27 23:32:25,902 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=149, Invalid=2931, Unknown=0, NotChecked=0, Total=3080 [2024-11-27 23:32:25,902 INFO L87 Difference]: Start difference. First operand 342 states and 430 transitions. cyclomatic complexity: 93 Second operand has 56 states, 56 states have (on average 3.5892857142857144) internal successors, (201), 56 states have internal predecessors, (201), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:32:29,636 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:32:29,636 INFO L93 Difference]: Finished difference Result 218 states and 268 transitions. [2024-11-27 23:32:29,636 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 218 states and 268 transitions. [2024-11-27 23:32:29,637 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 77 [2024-11-27 23:32:29,638 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 218 states to 154 states and 190 transitions. [2024-11-27 23:32:29,638 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 87 [2024-11-27 23:32:29,639 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 87 [2024-11-27 23:32:29,639 INFO L73 IsDeterministic]: Start isDeterministic. Operand 154 states and 190 transitions. [2024-11-27 23:32:29,639 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:32:29,639 INFO L218 hiAutomatonCegarLoop]: Abstraction has 154 states and 190 transitions. [2024-11-27 23:32:29,639 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states and 190 transitions. [2024-11-27 23:32:29,640 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 138. [2024-11-27 23:32:29,641 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 138 states, 138 states have (on average 1.2463768115942029) internal successors, (172), 137 states have internal predecessors, (172), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:32:29,641 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 138 states to 138 states and 172 transitions. [2024-11-27 23:32:29,642 INFO L240 hiAutomatonCegarLoop]: Abstraction has 138 states and 172 transitions. [2024-11-27 23:32:29,642 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 37 states. [2024-11-27 23:32:29,642 INFO L425 stractBuchiCegarLoop]: Abstraction has 138 states and 172 transitions. [2024-11-27 23:32:29,642 INFO L332 stractBuchiCegarLoop]: ======== Iteration 34 ============ [2024-11-27 23:32:29,642 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 138 states and 172 transitions. [2024-11-27 23:32:29,643 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 69 [2024-11-27 23:32:29,643 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:32:29,643 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:32:29,644 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [16, 16, 15, 15, 1, 1, 1, 1, 1, 1] [2024-11-27 23:32:29,644 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [16, 16, 15, 15, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:32:29,645 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:32:29,645 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:32:29,645 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:32:29,645 INFO L85 PathProgramCache]: Analyzing trace with hash -1093363711, now seen corresponding path program 27 times [2024-11-27 23:32:29,645 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:32:29,645 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [40185073] [2024-11-27 23:32:29,645 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:32:29,645 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:32:29,668 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:32:29,668 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:32:29,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:32:29,688 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:32:29,688 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:32:29,688 INFO L85 PathProgramCache]: Analyzing trace with hash 303019230, now seen corresponding path program 28 times [2024-11-27 23:32:29,688 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:32:29,689 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [112525187] [2024-11-27 23:32:29,689 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:32:29,689 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:32:29,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:32:29,708 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:32:29,722 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:32:29,727 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:32:29,728 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:32:29,728 INFO L85 PathProgramCache]: Analyzing trace with hash 1360665822, now seen corresponding path program 28 times [2024-11-27 23:32:29,728 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:32:29,728 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [814584616] [2024-11-27 23:32:29,728 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:32:29,728 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:32:29,773 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:32:31,825 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:32:31,826 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [814584616] [2024-11-27 23:32:31,826 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [814584616] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:32:31,826 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [605178942] [2024-11-27 23:32:31,826 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:32:31,826 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:32:31,826 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:32:31,829 INFO L229 MonitoredProcess]: Starting monitored process 68 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:32:31,831 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (68)] Waiting until timeout for monitored process [2024-11-27 23:32:32,175 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:32:32,180 INFO L256 TraceCheckSpWp]: Trace formula consists of 759 conjuncts, 165 conjuncts are in the unsatisfiable core [2024-11-27 23:32:32,185 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:32:33,327 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:32:35,051 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:32:35,051 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:32:35,119 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:32:35,653 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:32:35,654 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:32:38,021 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [605178942] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:32:38,021 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:32:38,021 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [42, 40, 40] total 103 [2024-11-27 23:32:38,021 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1361557601] [2024-11-27 23:32:38,021 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:32:41,960 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:32:41,961 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 103 interpolants. [2024-11-27 23:32:41,962 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=331, Invalid=10175, Unknown=0, NotChecked=0, Total=10506 [2024-11-27 23:32:41,962 INFO L87 Difference]: Start difference. First operand 138 states and 172 transitions. cyclomatic complexity: 37 Second operand has 103 states, 103 states have (on average 3.2718446601941746) internal successors, (337), 103 states have internal predecessors, (337), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:33:03,362 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:33:03,362 INFO L93 Difference]: Finished difference Result 687 states and 851 transitions. [2024-11-27 23:33:03,362 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 687 states and 851 transitions. [2024-11-27 23:33:03,364 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 537 [2024-11-27 23:33:03,366 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 687 states to 687 states and 851 transitions. [2024-11-27 23:33:03,366 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 555 [2024-11-27 23:33:03,367 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 555 [2024-11-27 23:33:03,367 INFO L73 IsDeterministic]: Start isDeterministic. Operand 687 states and 851 transitions. [2024-11-27 23:33:03,367 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:33:03,367 INFO L218 hiAutomatonCegarLoop]: Abstraction has 687 states and 851 transitions. [2024-11-27 23:33:03,368 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 687 states and 851 transitions. [2024-11-27 23:33:03,373 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 687 to 364. [2024-11-27 23:33:03,374 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 364 states, 364 states have (on average 1.2582417582417582) internal successors, (458), 363 states have internal predecessors, (458), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:33:03,376 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 364 states to 364 states and 458 transitions. [2024-11-27 23:33:03,376 INFO L240 hiAutomatonCegarLoop]: Abstraction has 364 states and 458 transitions. [2024-11-27 23:33:03,376 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 123 states. [2024-11-27 23:33:03,377 INFO L425 stractBuchiCegarLoop]: Abstraction has 364 states and 458 transitions. [2024-11-27 23:33:03,377 INFO L332 stractBuchiCegarLoop]: ======== Iteration 35 ============ [2024-11-27 23:33:03,377 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 364 states and 458 transitions. [2024-11-27 23:33:03,378 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 284 [2024-11-27 23:33:03,379 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:33:03,379 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:33:03,380 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [16, 16, 15, 15, 1, 1, 1, 1, 1, 1] [2024-11-27 23:33:03,380 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [17, 17, 16, 15, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:33:03,380 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:33:03,380 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:33:03,381 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:33:03,381 INFO L85 PathProgramCache]: Analyzing trace with hash -1093363711, now seen corresponding path program 28 times [2024-11-27 23:33:03,381 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:33:03,381 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1742896583] [2024-11-27 23:33:03,382 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:03,382 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:33:03,403 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:03,403 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:33:03,417 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:03,423 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:33:03,424 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:33:03,424 INFO L85 PathProgramCache]: Analyzing trace with hash 661480136, now seen corresponding path program 29 times [2024-11-27 23:33:03,424 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:33:03,424 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1986375196] [2024-11-27 23:33:03,424 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:03,425 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:33:03,446 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:03,446 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:33:03,460 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:03,465 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:33:03,466 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:33:03,466 INFO L85 PathProgramCache]: Analyzing trace with hash -1962685752, now seen corresponding path program 29 times [2024-11-27 23:33:03,466 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:33:03,466 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1846918878] [2024-11-27 23:33:03,466 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:03,466 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:33:03,512 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:33:05,460 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:33:05,461 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1846918878] [2024-11-27 23:33:05,461 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1846918878] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:33:05,461 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [285077003] [2024-11-27 23:33:05,461 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:05,461 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:33:05,461 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:33:05,464 INFO L229 MonitoredProcess]: Starting monitored process 69 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:33:05,465 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (69)] Waiting until timeout for monitored process [2024-11-27 23:33:05,778 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:33:05,782 INFO L256 TraceCheckSpWp]: Trace formula consists of 777 conjuncts, 157 conjuncts are in the unsatisfiable core [2024-11-27 23:33:05,786 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:33:06,661 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:33:06,846 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:33:06,975 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:33:07,278 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [285077003] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:33:07,279 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:33:07,279 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [39, 37, 37] total 59 [2024-11-27 23:33:07,279 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [690855872] [2024-11-27 23:33:07,279 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:33:11,089 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:33:11,089 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 59 interpolants. [2024-11-27 23:33:11,089 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=157, Invalid=3265, Unknown=0, NotChecked=0, Total=3422 [2024-11-27 23:33:11,089 INFO L87 Difference]: Start difference. First operand 364 states and 458 transitions. cyclomatic complexity: 99 Second operand has 59 states, 59 states have (on average 3.610169491525424) internal successors, (213), 59 states have internal predecessors, (213), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:33:15,178 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:33:15,178 INFO L93 Difference]: Finished difference Result 230 states and 283 transitions. [2024-11-27 23:33:15,178 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 230 states and 283 transitions. [2024-11-27 23:33:15,179 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 81 [2024-11-27 23:33:15,179 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 230 states to 162 states and 200 transitions. [2024-11-27 23:33:15,179 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 91 [2024-11-27 23:33:15,179 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 91 [2024-11-27 23:33:15,179 INFO L73 IsDeterministic]: Start isDeterministic. Operand 162 states and 200 transitions. [2024-11-27 23:33:15,180 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:33:15,180 INFO L218 hiAutomatonCegarLoop]: Abstraction has 162 states and 200 transitions. [2024-11-27 23:33:15,180 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 162 states and 200 transitions. [2024-11-27 23:33:15,182 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 162 to 146. [2024-11-27 23:33:15,182 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 146 states, 146 states have (on average 1.2465753424657535) internal successors, (182), 145 states have internal predecessors, (182), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:33:15,182 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 146 states to 146 states and 182 transitions. [2024-11-27 23:33:15,182 INFO L240 hiAutomatonCegarLoop]: Abstraction has 146 states and 182 transitions. [2024-11-27 23:33:15,182 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2024-11-27 23:33:15,183 INFO L425 stractBuchiCegarLoop]: Abstraction has 146 states and 182 transitions. [2024-11-27 23:33:15,183 INFO L332 stractBuchiCegarLoop]: ======== Iteration 36 ============ [2024-11-27 23:33:15,183 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 146 states and 182 transitions. [2024-11-27 23:33:15,184 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 73 [2024-11-27 23:33:15,184 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:33:15,184 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:33:15,185 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [17, 17, 16, 16, 1, 1, 1, 1, 1, 1] [2024-11-27 23:33:15,185 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [17, 17, 16, 16, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:33:15,185 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:33:15,185 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:33:15,185 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:33:15,185 INFO L85 PathProgramCache]: Analyzing trace with hash 1391852651, now seen corresponding path program 29 times [2024-11-27 23:33:15,186 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:33:15,186 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1457500504] [2024-11-27 23:33:15,186 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:15,186 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:33:15,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:15,201 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:33:15,214 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:15,220 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:33:15,221 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:33:15,221 INFO L85 PathProgramCache]: Analyzing trace with hash -39584442, now seen corresponding path program 30 times [2024-11-27 23:33:15,221 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:33:15,221 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1597503892] [2024-11-27 23:33:15,221 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:15,222 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:33:15,243 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:15,243 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:33:15,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:15,263 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:33:15,263 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:33:15,264 INFO L85 PathProgramCache]: Analyzing trace with hash 2119215132, now seen corresponding path program 30 times [2024-11-27 23:33:15,264 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:33:15,264 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [828344640] [2024-11-27 23:33:15,264 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:15,264 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:33:15,315 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:33:18,017 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:33:18,017 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [828344640] [2024-11-27 23:33:18,017 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [828344640] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:33:18,017 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1592607377] [2024-11-27 23:33:18,017 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:18,018 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:33:18,018 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:33:18,020 INFO L229 MonitoredProcess]: Starting monitored process 70 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:33:18,022 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (70)] Waiting until timeout for monitored process [2024-11-27 23:33:18,351 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:33:18,357 INFO L256 TraceCheckSpWp]: Trace formula consists of 800 conjuncts, 173 conjuncts are in the unsatisfiable core [2024-11-27 23:33:18,361 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:33:18,672 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:33:20,333 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:33:20,333 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:33:20,404 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:33:20,970 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:33:20,970 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:33:23,371 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1592607377] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:33:23,371 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:33:23,372 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [45, 42, 42] total 86 [2024-11-27 23:33:23,372 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1454563086] [2024-11-27 23:33:23,372 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:33:27,582 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:33:27,583 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 86 interpolants. [2024-11-27 23:33:27,583 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=228, Invalid=7082, Unknown=0, NotChecked=0, Total=7310 [2024-11-27 23:33:27,584 INFO L87 Difference]: Start difference. First operand 146 states and 182 transitions. cyclomatic complexity: 39 Second operand has 86 states, 86 states have (on average 3.3255813953488373) internal successors, (286), 86 states have internal predecessors, (286), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:33:48,502 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:33:48,502 INFO L93 Difference]: Finished difference Result 730 states and 905 transitions. [2024-11-27 23:33:48,503 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 730 states and 905 transitions. [2024-11-27 23:33:48,505 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 572 [2024-11-27 23:33:48,508 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 730 states to 730 states and 905 transitions. [2024-11-27 23:33:48,508 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 590 [2024-11-27 23:33:48,509 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 590 [2024-11-27 23:33:48,509 INFO L73 IsDeterministic]: Start isDeterministic. Operand 730 states and 905 transitions. [2024-11-27 23:33:48,509 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:33:48,510 INFO L218 hiAutomatonCegarLoop]: Abstraction has 730 states and 905 transitions. [2024-11-27 23:33:48,510 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 730 states and 905 transitions. [2024-11-27 23:33:48,515 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 730 to 386. [2024-11-27 23:33:48,516 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 386 states, 386 states have (on average 1.2590673575129534) internal successors, (486), 385 states have internal predecessors, (486), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:33:48,517 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 386 states to 386 states and 486 transitions. [2024-11-27 23:33:48,518 INFO L240 hiAutomatonCegarLoop]: Abstraction has 386 states and 486 transitions. [2024-11-27 23:33:48,555 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 130 states. [2024-11-27 23:33:48,555 INFO L425 stractBuchiCegarLoop]: Abstraction has 386 states and 486 transitions. [2024-11-27 23:33:48,555 INFO L332 stractBuchiCegarLoop]: ======== Iteration 37 ============ [2024-11-27 23:33:48,556 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 386 states and 486 transitions. [2024-11-27 23:33:48,556 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 302 [2024-11-27 23:33:48,557 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:33:48,557 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:33:48,557 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [17, 17, 16, 16, 1, 1, 1, 1, 1, 1] [2024-11-27 23:33:48,557 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [18, 18, 17, 16, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:33:48,558 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:33:48,558 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:33:48,558 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:33:48,559 INFO L85 PathProgramCache]: Analyzing trace with hash 1391852651, now seen corresponding path program 30 times [2024-11-27 23:33:48,559 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:33:48,559 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1660941955] [2024-11-27 23:33:48,559 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:48,559 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:33:48,578 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:48,578 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:33:48,588 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:48,593 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:33:48,594 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:33:48,594 INFO L85 PathProgramCache]: Analyzing trace with hash 626472752, now seen corresponding path program 31 times [2024-11-27 23:33:48,594 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:33:48,594 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [154922553] [2024-11-27 23:33:48,594 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:48,594 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:33:48,612 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:48,612 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:33:48,625 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:33:48,630 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:33:48,631 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:33:48,631 INFO L85 PathProgramCache]: Analyzing trace with hash -681146618, now seen corresponding path program 31 times [2024-11-27 23:33:48,631 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:33:48,631 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1424467700] [2024-11-27 23:33:48,631 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:48,631 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:33:48,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:33:50,765 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:33:50,766 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1424467700] [2024-11-27 23:33:50,766 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1424467700] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:33:50,766 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [274125227] [2024-11-27 23:33:50,766 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:33:50,766 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:33:50,766 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:33:50,769 INFO L229 MonitoredProcess]: Starting monitored process 71 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:33:50,771 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (71)] Waiting until timeout for monitored process [2024-11-27 23:33:51,191 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:33:51,197 INFO L256 TraceCheckSpWp]: Trace formula consists of 818 conjuncts, 165 conjuncts are in the unsatisfiable core [2024-11-27 23:33:51,203 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:33:52,421 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:33:52,667 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:33:52,805 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:33:53,149 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [274125227] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:33:53,150 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:33:53,150 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [41, 39, 39] total 62 [2024-11-27 23:33:53,150 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [597640539] [2024-11-27 23:33:53,150 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:33:58,052 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:33:58,052 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 62 interpolants. [2024-11-27 23:33:58,053 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=165, Invalid=3617, Unknown=0, NotChecked=0, Total=3782 [2024-11-27 23:33:58,053 INFO L87 Difference]: Start difference. First operand 386 states and 486 transitions. cyclomatic complexity: 105 Second operand has 62 states, 62 states have (on average 3.629032258064516) internal successors, (225), 62 states have internal predecessors, (225), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:34:02,672 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:34:02,672 INFO L93 Difference]: Finished difference Result 242 states and 298 transitions. [2024-11-27 23:34:02,672 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 242 states and 298 transitions. [2024-11-27 23:34:02,673 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 85 [2024-11-27 23:34:02,674 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 242 states to 170 states and 210 transitions. [2024-11-27 23:34:02,675 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 95 [2024-11-27 23:34:02,675 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 95 [2024-11-27 23:34:02,675 INFO L73 IsDeterministic]: Start isDeterministic. Operand 170 states and 210 transitions. [2024-11-27 23:34:02,675 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:34:02,675 INFO L218 hiAutomatonCegarLoop]: Abstraction has 170 states and 210 transitions. [2024-11-27 23:34:02,675 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 170 states and 210 transitions. [2024-11-27 23:34:02,676 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 170 to 154. [2024-11-27 23:34:02,677 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 154 states, 154 states have (on average 1.2467532467532467) internal successors, (192), 153 states have internal predecessors, (192), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:34:02,677 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 192 transitions. [2024-11-27 23:34:02,677 INFO L240 hiAutomatonCegarLoop]: Abstraction has 154 states and 192 transitions. [2024-11-27 23:34:02,677 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 41 states. [2024-11-27 23:34:02,678 INFO L425 stractBuchiCegarLoop]: Abstraction has 154 states and 192 transitions. [2024-11-27 23:34:02,678 INFO L332 stractBuchiCegarLoop]: ======== Iteration 38 ============ [2024-11-27 23:34:02,678 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 154 states and 192 transitions. [2024-11-27 23:34:02,679 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 77 [2024-11-27 23:34:02,679 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:34:02,679 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:34:02,679 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [18, 18, 17, 17, 1, 1, 1, 1, 1, 1] [2024-11-27 23:34:02,679 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [18, 18, 17, 17, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:34:02,680 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:34:02,680 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:34:02,680 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:34:02,680 INFO L85 PathProgramCache]: Analyzing trace with hash 1973099477, now seen corresponding path program 31 times [2024-11-27 23:34:02,680 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:34:02,680 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [98702090] [2024-11-27 23:34:02,680 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:02,680 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:34:02,703 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:02,703 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:34:02,715 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:02,721 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:34:02,721 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:34:02,721 INFO L85 PathProgramCache]: Analyzing trace with hash -74591826, now seen corresponding path program 32 times [2024-11-27 23:34:02,721 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:34:02,721 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2045527517] [2024-11-27 23:34:02,721 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:02,722 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:34:02,744 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:02,744 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:34:02,759 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:02,766 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:34:02,766 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:34:02,766 INFO L85 PathProgramCache]: Analyzing trace with hash -360305062, now seen corresponding path program 32 times [2024-11-27 23:34:02,767 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:34:02,767 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [896487295] [2024-11-27 23:34:02,767 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:02,767 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:34:02,818 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:34:05,438 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:34:05,438 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [896487295] [2024-11-27 23:34:05,438 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [896487295] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:34:05,438 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [305976674] [2024-11-27 23:34:05,438 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:05,438 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:34:05,438 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:34:05,441 INFO L229 MonitoredProcess]: Starting monitored process 72 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:34:05,443 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (72)] Waiting until timeout for monitored process [2024-11-27 23:34:05,828 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:34:05,834 INFO L256 TraceCheckSpWp]: Trace formula consists of 841 conjuncts, 181 conjuncts are in the unsatisfiable core [2024-11-27 23:34:05,839 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:34:06,224 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:34:08,175 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:34:08,175 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:34:08,236 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:34:08,731 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:34:08,732 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 115 treesize of output 91 [2024-11-27 23:34:11,310 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [305976674] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:34:11,311 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:34:11,311 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [45, 44, 44] total 88 [2024-11-27 23:34:11,311 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1532315409] [2024-11-27 23:34:11,311 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:34:15,509 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:34:15,510 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 88 interpolants. [2024-11-27 23:34:15,510 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=233, Invalid=7423, Unknown=0, NotChecked=0, Total=7656 [2024-11-27 23:34:15,510 INFO L87 Difference]: Start difference. First operand 154 states and 192 transitions. cyclomatic complexity: 41 Second operand has 88 states, 88 states have (on average 3.397727272727273) internal successors, (299), 88 states have internal predecessors, (299), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:34:35,155 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:34:35,155 INFO L93 Difference]: Finished difference Result 773 states and 959 transitions. [2024-11-27 23:34:35,155 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 773 states and 959 transitions. [2024-11-27 23:34:35,157 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 607 [2024-11-27 23:34:35,158 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 773 states to 773 states and 959 transitions. [2024-11-27 23:34:35,159 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 625 [2024-11-27 23:34:35,159 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 625 [2024-11-27 23:34:35,159 INFO L73 IsDeterministic]: Start isDeterministic. Operand 773 states and 959 transitions. [2024-11-27 23:34:35,159 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:34:35,159 INFO L218 hiAutomatonCegarLoop]: Abstraction has 773 states and 959 transitions. [2024-11-27 23:34:35,160 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 773 states and 959 transitions. [2024-11-27 23:34:35,166 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 773 to 408. [2024-11-27 23:34:35,166 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 408 states, 408 states have (on average 1.2598039215686274) internal successors, (514), 407 states have internal predecessors, (514), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:34:35,168 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 408 states to 408 states and 514 transitions. [2024-11-27 23:34:35,168 INFO L240 hiAutomatonCegarLoop]: Abstraction has 408 states and 514 transitions. [2024-11-27 23:34:35,169 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 136 states. [2024-11-27 23:34:35,169 INFO L425 stractBuchiCegarLoop]: Abstraction has 408 states and 514 transitions. [2024-11-27 23:34:35,169 INFO L332 stractBuchiCegarLoop]: ======== Iteration 39 ============ [2024-11-27 23:34:35,169 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 408 states and 514 transitions. [2024-11-27 23:34:35,171 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 320 [2024-11-27 23:34:35,171 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:34:35,171 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:34:35,172 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [18, 18, 17, 17, 1, 1, 1, 1, 1, 1] [2024-11-27 23:34:35,172 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [19, 19, 18, 17, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:34:35,172 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:34:35,172 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:34:35,173 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:34:35,173 INFO L85 PathProgramCache]: Analyzing trace with hash 1973099477, now seen corresponding path program 32 times [2024-11-27 23:34:35,173 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:34:35,173 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [800464604] [2024-11-27 23:34:35,173 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:35,173 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:34:35,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:35,196 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:34:35,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:35,215 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:34:35,216 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:34:35,216 INFO L85 PathProgramCache]: Analyzing trace with hash -1208969320, now seen corresponding path program 33 times [2024-11-27 23:34:35,216 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:34:35,216 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [816720435] [2024-11-27 23:34:35,216 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:35,216 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:34:35,239 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:35,239 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:34:35,255 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:35,261 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:34:35,261 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:34:35,262 INFO L85 PathProgramCache]: Analyzing trace with hash -2066563516, now seen corresponding path program 33 times [2024-11-27 23:34:35,262 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:34:35,262 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1592600828] [2024-11-27 23:34:35,262 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:35,262 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:34:35,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:34:37,693 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:34:37,693 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1592600828] [2024-11-27 23:34:37,693 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1592600828] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:34:37,693 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [542840873] [2024-11-27 23:34:37,693 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:37,693 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:34:37,693 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:34:37,696 INFO L229 MonitoredProcess]: Starting monitored process 73 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:34:37,697 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (73)] Waiting until timeout for monitored process [2024-11-27 23:34:38,085 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:34:38,094 INFO L256 TraceCheckSpWp]: Trace formula consists of 859 conjuncts, 173 conjuncts are in the unsatisfiable core [2024-11-27 23:34:38,101 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:34:38,484 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:34:38,590 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:34:38,718 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:34:39,041 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [542840873] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:34:39,041 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:34:39,041 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [42, 41, 41] total 42 [2024-11-27 23:34:39,041 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2039904123] [2024-11-27 23:34:39,041 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:34:44,301 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:34:44,301 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 42 interpolants. [2024-11-27 23:34:44,302 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=82, Invalid=1640, Unknown=0, NotChecked=0, Total=1722 [2024-11-27 23:34:44,302 INFO L87 Difference]: Start difference. First operand 408 states and 514 transitions. cyclomatic complexity: 111 Second operand has 42 states, 42 states have (on average 3.738095238095238) internal successors, (157), 42 states have internal predecessors, (157), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:34:48,333 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:34:48,333 INFO L93 Difference]: Finished difference Result 254 states and 313 transitions. [2024-11-27 23:34:48,333 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 254 states and 313 transitions. [2024-11-27 23:34:48,334 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 89 [2024-11-27 23:34:48,335 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 254 states to 178 states and 220 transitions. [2024-11-27 23:34:48,335 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 99 [2024-11-27 23:34:48,335 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 99 [2024-11-27 23:34:48,335 INFO L73 IsDeterministic]: Start isDeterministic. Operand 178 states and 220 transitions. [2024-11-27 23:34:48,336 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:34:48,336 INFO L218 hiAutomatonCegarLoop]: Abstraction has 178 states and 220 transitions. [2024-11-27 23:34:48,336 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 178 states and 220 transitions. [2024-11-27 23:34:48,337 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 178 to 162. [2024-11-27 23:34:48,337 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 162 states, 162 states have (on average 1.2469135802469136) internal successors, (202), 161 states have internal predecessors, (202), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:34:48,338 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 162 states to 162 states and 202 transitions. [2024-11-27 23:34:48,338 INFO L240 hiAutomatonCegarLoop]: Abstraction has 162 states and 202 transitions. [2024-11-27 23:34:48,338 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 42 states. [2024-11-27 23:34:48,339 INFO L425 stractBuchiCegarLoop]: Abstraction has 162 states and 202 transitions. [2024-11-27 23:34:48,339 INFO L332 stractBuchiCegarLoop]: ======== Iteration 40 ============ [2024-11-27 23:34:48,339 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 162 states and 202 transitions. [2024-11-27 23:34:48,339 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 81 [2024-11-27 23:34:48,339 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:34:48,339 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:34:48,340 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [19, 19, 18, 18, 1, 1, 1, 1, 1, 1] [2024-11-27 23:34:48,340 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [19, 19, 18, 18, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:34:48,340 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:34:48,340 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:34:48,341 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:34:48,341 INFO L85 PathProgramCache]: Analyzing trace with hash 2020505151, now seen corresponding path program 33 times [2024-11-27 23:34:48,341 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:34:48,341 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [24420912] [2024-11-27 23:34:48,341 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:48,341 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:34:48,362 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:48,362 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:34:48,372 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:48,378 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:34:48,378 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:34:48,378 INFO L85 PathProgramCache]: Analyzing trace with hash -1910033898, now seen corresponding path program 34 times [2024-11-27 23:34:48,378 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:34:48,379 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1425102875] [2024-11-27 23:34:48,379 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:48,379 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:34:48,398 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:48,398 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:34:48,408 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:34:48,413 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:34:48,414 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:34:48,414 INFO L85 PathProgramCache]: Analyzing trace with hash -983879784, now seen corresponding path program 34 times [2024-11-27 23:34:48,414 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:34:48,414 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [987206801] [2024-11-27 23:34:48,414 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:48,414 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:34:48,455 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:34:50,779 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:34:50,779 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [987206801] [2024-11-27 23:34:50,779 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [987206801] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:34:50,779 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1331405733] [2024-11-27 23:34:50,779 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:34:50,779 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:34:50,779 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:34:50,782 INFO L229 MonitoredProcess]: Starting monitored process 74 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:34:50,783 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (74)] Waiting until timeout for monitored process [2024-11-27 23:34:51,122 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:34:51,127 INFO L256 TraceCheckSpWp]: Trace formula consists of 882 conjuncts, 189 conjuncts are in the unsatisfiable core [2024-11-27 23:34:51,132 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:34:52,633 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:34:55,106 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:34:55,107 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:34:55,185 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:34:55,807 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:34:55,807 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:34:59,029 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1331405733] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:34:59,029 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:34:59,030 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [48, 46, 46] total 118 [2024-11-27 23:34:59,030 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [315088509] [2024-11-27 23:34:59,030 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:35:04,247 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:35:04,247 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 118 interpolants. [2024-11-27 23:35:04,248 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=376, Invalid=13430, Unknown=0, NotChecked=0, Total=13806 [2024-11-27 23:35:04,248 INFO L87 Difference]: Start difference. First operand 162 states and 202 transitions. cyclomatic complexity: 43 Second operand has 118 states, 118 states have (on average 3.364406779661017) internal successors, (397), 118 states have internal predecessors, (397), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:35:33,409 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:35:33,409 INFO L93 Difference]: Finished difference Result 816 states and 1013 transitions. [2024-11-27 23:35:33,409 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 816 states and 1013 transitions. [2024-11-27 23:35:33,411 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 642 [2024-11-27 23:35:33,414 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 816 states to 816 states and 1013 transitions. [2024-11-27 23:35:33,414 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 660 [2024-11-27 23:35:33,415 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 660 [2024-11-27 23:35:33,415 INFO L73 IsDeterministic]: Start isDeterministic. Operand 816 states and 1013 transitions. [2024-11-27 23:35:33,415 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:35:33,415 INFO L218 hiAutomatonCegarLoop]: Abstraction has 816 states and 1013 transitions. [2024-11-27 23:35:33,416 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 816 states and 1013 transitions. [2024-11-27 23:35:33,422 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 816 to 430. [2024-11-27 23:35:33,423 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 430 states, 430 states have (on average 1.2604651162790699) internal successors, (542), 429 states have internal predecessors, (542), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:35:33,425 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 430 states to 430 states and 542 transitions. [2024-11-27 23:35:33,425 INFO L240 hiAutomatonCegarLoop]: Abstraction has 430 states and 542 transitions. [2024-11-27 23:35:33,426 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 144 states. [2024-11-27 23:35:33,426 INFO L425 stractBuchiCegarLoop]: Abstraction has 430 states and 542 transitions. [2024-11-27 23:35:33,426 INFO L332 stractBuchiCegarLoop]: ======== Iteration 41 ============ [2024-11-27 23:35:33,426 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 430 states and 542 transitions. [2024-11-27 23:35:33,428 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 338 [2024-11-27 23:35:33,428 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:35:33,428 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:35:33,430 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [19, 19, 18, 18, 1, 1, 1, 1, 1, 1] [2024-11-27 23:35:33,430 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [20, 20, 19, 18, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:35:33,430 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:35:33,431 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:35:33,431 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:35:33,431 INFO L85 PathProgramCache]: Analyzing trace with hash 2020505151, now seen corresponding path program 34 times [2024-11-27 23:35:33,432 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:35:33,432 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [9638155] [2024-11-27 23:35:33,432 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:35:33,432 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:35:33,452 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:35:33,453 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:35:33,464 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:35:33,470 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:35:33,471 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:35:33,471 INFO L85 PathProgramCache]: Analyzing trace with hash -1533836288, now seen corresponding path program 35 times [2024-11-27 23:35:33,471 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:35:33,471 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1534733771] [2024-11-27 23:35:33,471 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:35:33,472 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:35:33,494 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:35:33,494 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:35:33,512 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:35:33,518 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:35:33,519 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:35:33,519 INFO L85 PathProgramCache]: Analyzing trace with hash -22482814, now seen corresponding path program 35 times [2024-11-27 23:35:33,519 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:35:33,519 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1877047361] [2024-11-27 23:35:33,519 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:35:33,519 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:35:33,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:35:35,951 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:35:35,951 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1877047361] [2024-11-27 23:35:35,951 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1877047361] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:35:35,951 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [751222034] [2024-11-27 23:35:35,951 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:35:35,951 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:35:35,951 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:35:35,953 INFO L229 MonitoredProcess]: Starting monitored process 75 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:35:35,955 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (75)] Waiting until timeout for monitored process [2024-11-27 23:35:36,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:35:36,262 INFO L256 TraceCheckSpWp]: Trace formula consists of 900 conjuncts, 181 conjuncts are in the unsatisfiable core [2024-11-27 23:35:36,266 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:35:37,407 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:35:37,679 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:35:37,841 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:35:38,258 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [751222034] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:35:38,258 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:35:38,259 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [45, 43, 43] total 68 [2024-11-27 23:35:38,259 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [573925877] [2024-11-27 23:35:38,259 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:35:43,625 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:35:43,625 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 68 interpolants. [2024-11-27 23:35:43,625 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=181, Invalid=4375, Unknown=0, NotChecked=0, Total=4556 [2024-11-27 23:35:43,626 INFO L87 Difference]: Start difference. First operand 430 states and 542 transitions. cyclomatic complexity: 117 Second operand has 68 states, 68 states have (on average 3.661764705882353) internal successors, (249), 68 states have internal predecessors, (249), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:35:49,203 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:35:49,203 INFO L93 Difference]: Finished difference Result 266 states and 328 transitions. [2024-11-27 23:35:49,203 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 266 states and 328 transitions. [2024-11-27 23:35:49,204 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 93 [2024-11-27 23:35:49,206 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 266 states to 186 states and 230 transitions. [2024-11-27 23:35:49,206 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 103 [2024-11-27 23:35:49,206 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 103 [2024-11-27 23:35:49,206 INFO L73 IsDeterministic]: Start isDeterministic. Operand 186 states and 230 transitions. [2024-11-27 23:35:49,206 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:35:49,206 INFO L218 hiAutomatonCegarLoop]: Abstraction has 186 states and 230 transitions. [2024-11-27 23:35:49,207 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 186 states and 230 transitions. [2024-11-27 23:35:49,208 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 186 to 170. [2024-11-27 23:35:49,208 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 170 states, 170 states have (on average 1.2470588235294118) internal successors, (212), 169 states have internal predecessors, (212), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:35:49,209 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 170 states to 170 states and 212 transitions. [2024-11-27 23:35:49,209 INFO L240 hiAutomatonCegarLoop]: Abstraction has 170 states and 212 transitions. [2024-11-27 23:35:49,209 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 45 states. [2024-11-27 23:35:49,210 INFO L425 stractBuchiCegarLoop]: Abstraction has 170 states and 212 transitions. [2024-11-27 23:35:49,210 INFO L332 stractBuchiCegarLoop]: ======== Iteration 42 ============ [2024-11-27 23:35:49,210 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 170 states and 212 transitions. [2024-11-27 23:35:49,210 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 85 [2024-11-27 23:35:49,211 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:35:49,211 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:35:49,212 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [20, 20, 19, 19, 1, 1, 1, 1, 1, 1] [2024-11-27 23:35:49,212 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [20, 20, 19, 19, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:35:49,212 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:35:49,212 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:35:49,213 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:35:49,213 INFO L85 PathProgramCache]: Analyzing trace with hash -740652119, now seen corresponding path program 35 times [2024-11-27 23:35:49,213 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:35:49,213 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [998403724] [2024-11-27 23:35:49,213 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:35:49,213 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:35:49,234 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:35:49,234 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:35:49,244 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:35:49,248 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:35:49,249 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:35:49,249 INFO L85 PathProgramCache]: Analyzing trace with hash 2060066430, now seen corresponding path program 36 times [2024-11-27 23:35:49,249 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:35:49,249 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1274613492] [2024-11-27 23:35:49,249 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:35:49,249 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:35:49,265 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:35:49,265 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:35:49,275 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:35:49,278 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:35:49,279 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:35:49,279 INFO L85 PathProgramCache]: Analyzing trace with hash -2077217834, now seen corresponding path program 36 times [2024-11-27 23:35:49,279 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:35:49,279 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1783913596] [2024-11-27 23:35:49,279 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:35:49,279 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:35:49,314 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:35:51,944 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:35:51,944 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1783913596] [2024-11-27 23:35:51,944 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1783913596] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:35:51,944 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [212995484] [2024-11-27 23:35:51,944 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:35:51,944 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:35:51,944 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:35:51,947 INFO L229 MonitoredProcess]: Starting monitored process 76 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:35:51,949 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (76)] Waiting until timeout for monitored process [2024-11-27 23:35:52,331 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:35:52,337 INFO L256 TraceCheckSpWp]: Trace formula consists of 923 conjuncts, 197 conjuncts are in the unsatisfiable core [2024-11-27 23:35:52,342 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:35:54,015 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:35:56,545 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:35:56,546 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:35:56,623 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:35:57,238 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:35:57,238 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:36:00,464 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [212995484] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:36:00,464 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:36:00,464 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [50, 48, 48] total 123 [2024-11-27 23:36:00,464 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [291226193] [2024-11-27 23:36:00,465 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:36:05,640 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:36:05,640 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 123 interpolants. [2024-11-27 23:36:05,641 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=391, Invalid=14615, Unknown=0, NotChecked=0, Total=15006 [2024-11-27 23:36:05,641 INFO L87 Difference]: Start difference. First operand 170 states and 212 transitions. cyclomatic complexity: 45 Second operand has 123 states, 123 states have (on average 3.3902439024390243) internal successors, (417), 123 states have internal predecessors, (417), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:36:37,983 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:36:37,983 INFO L93 Difference]: Finished difference Result 859 states and 1067 transitions. [2024-11-27 23:36:37,983 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 859 states and 1067 transitions. [2024-11-27 23:36:37,985 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 677 [2024-11-27 23:36:37,988 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 859 states to 859 states and 1067 transitions. [2024-11-27 23:36:37,988 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 695 [2024-11-27 23:36:37,989 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 695 [2024-11-27 23:36:37,989 INFO L73 IsDeterministic]: Start isDeterministic. Operand 859 states and 1067 transitions. [2024-11-27 23:36:37,989 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:36:37,989 INFO L218 hiAutomatonCegarLoop]: Abstraction has 859 states and 1067 transitions. [2024-11-27 23:36:37,989 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 859 states and 1067 transitions. [2024-11-27 23:36:37,994 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 859 to 452. [2024-11-27 23:36:37,995 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 452 states, 452 states have (on average 1.261061946902655) internal successors, (570), 451 states have internal predecessors, (570), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:36:37,997 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 452 states to 452 states and 570 transitions. [2024-11-27 23:36:37,997 INFO L240 hiAutomatonCegarLoop]: Abstraction has 452 states and 570 transitions. [2024-11-27 23:36:38,000 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 151 states. [2024-11-27 23:36:38,000 INFO L425 stractBuchiCegarLoop]: Abstraction has 452 states and 570 transitions. [2024-11-27 23:36:38,000 INFO L332 stractBuchiCegarLoop]: ======== Iteration 43 ============ [2024-11-27 23:36:38,001 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 452 states and 570 transitions. [2024-11-27 23:36:38,002 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 356 [2024-11-27 23:36:38,002 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:36:38,003 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:36:38,004 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [20, 20, 19, 19, 1, 1, 1, 1, 1, 1] [2024-11-27 23:36:38,004 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [21, 21, 20, 19, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:36:38,005 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:36:38,005 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:36:38,006 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:36:38,006 INFO L85 PathProgramCache]: Analyzing trace with hash -740652119, now seen corresponding path program 36 times [2024-11-27 23:36:38,006 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:36:38,006 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [228193035] [2024-11-27 23:36:38,007 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:36:38,007 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:36:38,034 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:36:38,034 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:36:38,052 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:36:38,060 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:36:38,060 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:36:38,060 INFO L85 PathProgramCache]: Analyzing trace with hash 1939471464, now seen corresponding path program 37 times [2024-11-27 23:36:38,060 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:36:38,060 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1813543622] [2024-11-27 23:36:38,060 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:36:38,061 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:36:38,087 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:36:38,088 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:36:38,105 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:36:38,112 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:36:38,113 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:36:38,113 INFO L85 PathProgramCache]: Analyzing trace with hash 369728960, now seen corresponding path program 37 times [2024-11-27 23:36:38,113 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:36:38,113 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1633536653] [2024-11-27 23:36:38,113 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:36:38,113 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:36:38,175 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:36:40,797 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:36:40,798 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1633536653] [2024-11-27 23:36:40,798 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1633536653] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:36:40,798 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1615176296] [2024-11-27 23:36:40,798 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:36:40,798 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:36:40,798 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:36:40,801 INFO L229 MonitoredProcess]: Starting monitored process 77 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:36:40,802 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (77)] Waiting until timeout for monitored process [2024-11-27 23:36:41,241 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:36:41,248 INFO L256 TraceCheckSpWp]: Trace formula consists of 941 conjuncts, 189 conjuncts are in the unsatisfiable core [2024-11-27 23:36:41,253 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:36:42,905 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:36:43,197 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:36:43,377 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:36:43,817 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1615176296] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:36:43,817 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:36:43,817 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [47, 45, 45] total 71 [2024-11-27 23:36:43,817 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [121338443] [2024-11-27 23:36:43,817 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:36:48,989 WARN L286 SmtUtils]: Spent 5.16s on a formula simplification. DAG size of input: 549 DAG size of output: 402 (called from [L 276] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.cfg.transitions.TransFormulaUtils.sequentialComposition) [2024-11-27 23:36:49,703 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:36:49,703 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 71 interpolants. [2024-11-27 23:36:49,704 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=189, Invalid=4781, Unknown=0, NotChecked=0, Total=4970 [2024-11-27 23:36:49,704 INFO L87 Difference]: Start difference. First operand 452 states and 570 transitions. cyclomatic complexity: 123 Second operand has 71 states, 71 states have (on average 3.676056338028169) internal successors, (261), 71 states have internal predecessors, (261), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:36:56,185 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:36:56,185 INFO L93 Difference]: Finished difference Result 278 states and 343 transitions. [2024-11-27 23:36:56,185 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 278 states and 343 transitions. [2024-11-27 23:36:56,186 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 97 [2024-11-27 23:36:56,186 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 278 states to 194 states and 240 transitions. [2024-11-27 23:36:56,186 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 107 [2024-11-27 23:36:56,187 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 107 [2024-11-27 23:36:56,187 INFO L73 IsDeterministic]: Start isDeterministic. Operand 194 states and 240 transitions. [2024-11-27 23:36:56,187 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:36:56,187 INFO L218 hiAutomatonCegarLoop]: Abstraction has 194 states and 240 transitions. [2024-11-27 23:36:56,187 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 194 states and 240 transitions. [2024-11-27 23:36:56,189 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 194 to 178. [2024-11-27 23:36:56,190 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 178 states, 178 states have (on average 1.247191011235955) internal successors, (222), 177 states have internal predecessors, (222), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:36:56,190 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 178 states to 178 states and 222 transitions. [2024-11-27 23:36:56,190 INFO L240 hiAutomatonCegarLoop]: Abstraction has 178 states and 222 transitions. [2024-11-27 23:36:56,191 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 47 states. [2024-11-27 23:36:56,191 INFO L425 stractBuchiCegarLoop]: Abstraction has 178 states and 222 transitions. [2024-11-27 23:36:56,191 INFO L332 stractBuchiCegarLoop]: ======== Iteration 44 ============ [2024-11-27 23:36:56,191 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 178 states and 222 transitions. [2024-11-27 23:36:56,192 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 89 [2024-11-27 23:36:56,192 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:36:56,192 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:36:56,193 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [21, 21, 20, 20, 1, 1, 1, 1, 1, 1] [2024-11-27 23:36:56,193 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [21, 21, 20, 20, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:36:56,194 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:36:56,194 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:36:56,194 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:36:56,194 INFO L85 PathProgramCache]: Analyzing trace with hash -955655149, now seen corresponding path program 37 times [2024-11-27 23:36:56,194 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:36:56,195 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [773158267] [2024-11-27 23:36:56,195 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:36:56,195 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:36:56,223 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:36:56,223 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:36:56,242 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:36:56,249 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:36:56,249 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:36:56,250 INFO L85 PathProgramCache]: Analyzing trace with hash 1238406886, now seen corresponding path program 38 times [2024-11-27 23:36:56,250 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:36:56,250 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [718896547] [2024-11-27 23:36:56,250 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:36:56,250 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:36:56,275 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:36:56,276 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:36:56,295 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:36:56,302 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:36:56,302 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:36:56,303 INFO L85 PathProgramCache]: Analyzing trace with hash 36021012, now seen corresponding path program 38 times [2024-11-27 23:36:56,303 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:36:56,303 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1488437849] [2024-11-27 23:36:56,303 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:36:56,303 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:36:56,349 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:36:59,502 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:36:59,503 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1488437849] [2024-11-27 23:36:59,503 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1488437849] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:36:59,503 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2134225668] [2024-11-27 23:36:59,503 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:36:59,503 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:36:59,503 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:36:59,505 INFO L229 MonitoredProcess]: Starting monitored process 78 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:36:59,507 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (78)] Waiting until timeout for monitored process [2024-11-27 23:36:59,904 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:36:59,909 INFO L256 TraceCheckSpWp]: Trace formula consists of 964 conjuncts, 205 conjuncts are in the unsatisfiable core [2024-11-27 23:36:59,915 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:37:00,393 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:37:02,548 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:37:02,548 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:37:02,622 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:37:03,204 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:37:03,204 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 119 treesize of output 95 [2024-11-27 23:37:06,490 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2134225668] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:37:06,490 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:37:06,490 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [51, 50, 50] total 100 [2024-11-27 23:37:06,490 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [589880890] [2024-11-27 23:37:06,490 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:37:11,906 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:37:11,906 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 100 interpolants. [2024-11-27 23:37:11,906 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=263, Invalid=9637, Unknown=0, NotChecked=0, Total=9900 [2024-11-27 23:37:11,906 INFO L87 Difference]: Start difference. First operand 178 states and 222 transitions. cyclomatic complexity: 47 Second operand has 100 states, 100 states have (on average 3.47) internal successors, (347), 100 states have internal predecessors, (347), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:37:37,133 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:37:37,133 INFO L93 Difference]: Finished difference Result 902 states and 1121 transitions. [2024-11-27 23:37:37,133 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 902 states and 1121 transitions. [2024-11-27 23:37:37,135 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 712 [2024-11-27 23:37:37,139 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 902 states to 902 states and 1121 transitions. [2024-11-27 23:37:37,139 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 730 [2024-11-27 23:37:37,139 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 730 [2024-11-27 23:37:37,139 INFO L73 IsDeterministic]: Start isDeterministic. Operand 902 states and 1121 transitions. [2024-11-27 23:37:37,140 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:37:37,140 INFO L218 hiAutomatonCegarLoop]: Abstraction has 902 states and 1121 transitions. [2024-11-27 23:37:37,140 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 902 states and 1121 transitions. [2024-11-27 23:37:37,146 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 902 to 474. [2024-11-27 23:37:37,147 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 474 states, 474 states have (on average 1.261603375527426) internal successors, (598), 473 states have internal predecessors, (598), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:37:37,148 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 474 states to 474 states and 598 transitions. [2024-11-27 23:37:37,148 INFO L240 hiAutomatonCegarLoop]: Abstraction has 474 states and 598 transitions. [2024-11-27 23:37:37,149 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 157 states. [2024-11-27 23:37:37,149 INFO L425 stractBuchiCegarLoop]: Abstraction has 474 states and 598 transitions. [2024-11-27 23:37:37,149 INFO L332 stractBuchiCegarLoop]: ======== Iteration 45 ============ [2024-11-27 23:37:37,149 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 474 states and 598 transitions. [2024-11-27 23:37:37,151 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 374 [2024-11-27 23:37:37,151 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:37:37,151 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:37:37,152 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [21, 21, 20, 20, 1, 1, 1, 1, 1, 1] [2024-11-27 23:37:37,152 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [22, 22, 21, 20, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:37:37,152 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:37:37,152 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:37:37,153 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:37:37,153 INFO L85 PathProgramCache]: Analyzing trace with hash -955655149, now seen corresponding path program 38 times [2024-11-27 23:37:37,153 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:37:37,153 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1901589704] [2024-11-27 23:37:37,153 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:37:37,153 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:37:37,175 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:37:37,175 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:37:37,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:37:37,196 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:37:37,197 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:37:37,197 INFO L85 PathProgramCache]: Analyzing trace with hash -262274864, now seen corresponding path program 39 times [2024-11-27 23:37:37,197 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:37:37,197 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1733291593] [2024-11-27 23:37:37,197 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:37:37,198 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:37:37,218 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:37:37,219 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:37:37,232 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:37:37,237 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:37:37,237 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:37:37,237 INFO L85 PathProgramCache]: Analyzing trace with hash 567625214, now seen corresponding path program 39 times [2024-11-27 23:37:37,238 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:37:37,238 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1280073894] [2024-11-27 23:37:37,238 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:37:37,238 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:37:37,284 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:37:40,448 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:37:40,448 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1280073894] [2024-11-27 23:37:40,448 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1280073894] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:37:40,448 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1879069774] [2024-11-27 23:37:40,448 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:37:40,449 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:37:40,449 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:37:40,451 INFO L229 MonitoredProcess]: Starting monitored process 79 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:37:40,453 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (79)] Waiting until timeout for monitored process [2024-11-27 23:37:40,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:37:40,896 INFO L256 TraceCheckSpWp]: Trace formula consists of 982 conjuncts, 197 conjuncts are in the unsatisfiable core [2024-11-27 23:37:40,902 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:37:42,746 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:37:43,068 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:37:43,257 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:37:43,723 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1879069774] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:37:43,723 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:37:43,723 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [49, 47, 47] total 74 [2024-11-27 23:37:43,723 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1486298720] [2024-11-27 23:37:43,723 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:37:49,208 WARN L286 SmtUtils]: Spent 5.47s on a formula simplification. DAG size of input: 572 DAG size of output: 418 (called from [L 276] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.cfg.transitions.TransFormulaUtils.sequentialComposition) [2024-11-27 23:37:50,059 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:37:50,059 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 74 interpolants. [2024-11-27 23:37:50,059 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=197, Invalid=5205, Unknown=0, NotChecked=0, Total=5402 [2024-11-27 23:37:50,060 INFO L87 Difference]: Start difference. First operand 474 states and 598 transitions. cyclomatic complexity: 129 Second operand has 74 states, 74 states have (on average 3.689189189189189) internal successors, (273), 74 states have internal predecessors, (273), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:37:57,575 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:37:57,575 INFO L93 Difference]: Finished difference Result 290 states and 358 transitions. [2024-11-27 23:37:57,575 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 290 states and 358 transitions. [2024-11-27 23:37:57,576 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 101 [2024-11-27 23:37:57,578 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 290 states to 202 states and 250 transitions. [2024-11-27 23:37:57,578 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 111 [2024-11-27 23:37:57,578 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 111 [2024-11-27 23:37:57,578 INFO L73 IsDeterministic]: Start isDeterministic. Operand 202 states and 250 transitions. [2024-11-27 23:37:57,578 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:37:57,578 INFO L218 hiAutomatonCegarLoop]: Abstraction has 202 states and 250 transitions. [2024-11-27 23:37:57,578 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 202 states and 250 transitions. [2024-11-27 23:37:57,579 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 202 to 186. [2024-11-27 23:37:57,580 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 186 states, 186 states have (on average 1.2473118279569892) internal successors, (232), 185 states have internal predecessors, (232), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:37:57,580 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 186 states to 186 states and 232 transitions. [2024-11-27 23:37:57,580 INFO L240 hiAutomatonCegarLoop]: Abstraction has 186 states and 232 transitions. [2024-11-27 23:37:57,581 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 49 states. [2024-11-27 23:37:57,581 INFO L425 stractBuchiCegarLoop]: Abstraction has 186 states and 232 transitions. [2024-11-27 23:37:57,581 INFO L332 stractBuchiCegarLoop]: ======== Iteration 46 ============ [2024-11-27 23:37:57,581 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 186 states and 232 transitions. [2024-11-27 23:37:57,582 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 93 [2024-11-27 23:37:57,582 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:37:57,582 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:37:57,583 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [22, 22, 21, 21, 1, 1, 1, 1, 1, 1] [2024-11-27 23:37:57,583 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [22, 22, 21, 21, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:37:57,584 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:37:57,584 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:37:57,584 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:37:57,585 INFO L85 PathProgramCache]: Analyzing trace with hash -135862403, now seen corresponding path program 39 times [2024-11-27 23:37:57,585 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:37:57,585 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [709333784] [2024-11-27 23:37:57,585 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:37:57,585 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:37:57,614 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:37:57,614 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:37:57,633 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:37:57,640 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:37:57,640 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:37:57,641 INFO L85 PathProgramCache]: Analyzing trace with hash -963339442, now seen corresponding path program 40 times [2024-11-27 23:37:57,641 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:37:57,641 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [858199312] [2024-11-27 23:37:57,641 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:37:57,641 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:37:57,662 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:37:57,662 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:37:57,673 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:37:57,678 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:37:57,678 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:37:57,678 INFO L85 PathProgramCache]: Analyzing trace with hash -1608772270, now seen corresponding path program 40 times [2024-11-27 23:37:57,678 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:37:57,678 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1164640053] [2024-11-27 23:37:57,678 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:37:57,678 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:37:57,716 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:38:01,102 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:38:01,102 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1164640053] [2024-11-27 23:38:01,102 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1164640053] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:38:01,102 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1410134419] [2024-11-27 23:38:01,102 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:38:01,103 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:38:01,103 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:38:01,105 INFO L229 MonitoredProcess]: Starting monitored process 80 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:38:01,107 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (80)] Waiting until timeout for monitored process [2024-11-27 23:38:01,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:38:01,543 INFO L256 TraceCheckSpWp]: Trace formula consists of 1005 conjuncts, 219 conjuncts are in the unsatisfiable core [2024-11-27 23:38:01,549 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:38:03,461 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:38:06,420 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:38:10,847 INFO L349 Elim1Store]: treesize reduction 8, result has 68.0 percent of original size [2024-11-27 23:38:10,848 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 3 select indices, 3 select index equivalence classes, 0 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 3 case distinctions, treesize of input 141 treesize of output 129 [2024-11-27 23:38:15,556 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1410134419] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:38:15,556 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:38:15,556 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [54, 52, 54] total 157 [2024-11-27 23:38:15,556 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [304929462] [2024-11-27 23:38:15,556 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:38:21,558 WARN L286 SmtUtils]: Spent 5.99s on a formula simplification. DAG size of input: 575 DAG size of output: 419 (called from [L 276] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.cfg.transitions.TransFormulaUtils.sequentialComposition) [2024-11-27 23:38:22,412 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:38:22,412 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 157 interpolants. [2024-11-27 23:38:22,413 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=538, Invalid=23954, Unknown=0, NotChecked=0, Total=24492 [2024-11-27 23:38:22,413 INFO L87 Difference]: Start difference. First operand 186 states and 232 transitions. cyclomatic complexity: 49 Second operand has 157 states, 157 states have (on average 3.445859872611465) internal successors, (541), 157 states have internal predecessors, (541), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:39:09,496 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:39:09,496 INFO L93 Difference]: Finished difference Result 945 states and 1175 transitions. [2024-11-27 23:39:09,496 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 945 states and 1175 transitions. [2024-11-27 23:39:09,501 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 747 [2024-11-27 23:39:09,505 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 945 states to 945 states and 1175 transitions. [2024-11-27 23:39:09,505 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 765 [2024-11-27 23:39:09,506 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 765 [2024-11-27 23:39:09,506 INFO L73 IsDeterministic]: Start isDeterministic. Operand 945 states and 1175 transitions. [2024-11-27 23:39:09,506 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:39:09,506 INFO L218 hiAutomatonCegarLoop]: Abstraction has 945 states and 1175 transitions. [2024-11-27 23:39:09,507 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 945 states and 1175 transitions. [2024-11-27 23:39:09,514 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 945 to 496. [2024-11-27 23:39:09,519 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 496 states, 496 states have (on average 1.2620967741935485) internal successors, (626), 495 states have internal predecessors, (626), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:39:09,520 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 496 states to 496 states and 626 transitions. [2024-11-27 23:39:09,524 INFO L240 hiAutomatonCegarLoop]: Abstraction has 496 states and 626 transitions. [2024-11-27 23:39:09,528 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 165 states. [2024-11-27 23:39:09,528 INFO L425 stractBuchiCegarLoop]: Abstraction has 496 states and 626 transitions. [2024-11-27 23:39:09,529 INFO L332 stractBuchiCegarLoop]: ======== Iteration 47 ============ [2024-11-27 23:39:09,529 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 496 states and 626 transitions. [2024-11-27 23:39:09,530 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 392 [2024-11-27 23:39:09,530 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:39:09,531 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:39:09,532 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [22, 22, 21, 21, 1, 1, 1, 1, 1, 1] [2024-11-27 23:39:09,532 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [23, 23, 22, 21, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:39:09,532 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:39:09,533 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:39:09,533 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:39:09,533 INFO L85 PathProgramCache]: Analyzing trace with hash -135862403, now seen corresponding path program 40 times [2024-11-27 23:39:09,533 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:39:09,534 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [555692297] [2024-11-27 23:39:09,534 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:39:09,534 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:39:09,563 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:39:09,563 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:39:09,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:39:09,580 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:39:09,580 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:39:09,580 INFO L85 PathProgramCache]: Analyzing trace with hash -1455845064, now seen corresponding path program 41 times [2024-11-27 23:39:09,580 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:39:09,580 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [938253477] [2024-11-27 23:39:09,580 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:39:09,581 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:39:09,600 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:39:09,600 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:39:09,613 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:39:09,619 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:39:09,620 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:39:09,620 INFO L85 PathProgramCache]: Analyzing trace with hash 514615612, now seen corresponding path program 41 times [2024-11-27 23:39:09,620 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:39:09,620 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [464449432] [2024-11-27 23:39:09,620 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:39:09,620 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:39:09,690 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:39:12,902 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:39:12,902 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [464449432] [2024-11-27 23:39:12,902 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [464449432] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:39:12,902 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [424243670] [2024-11-27 23:39:12,902 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:39:12,902 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:39:12,903 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:39:12,905 INFO L229 MonitoredProcess]: Starting monitored process 81 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:39:12,907 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (81)] Waiting until timeout for monitored process [2024-11-27 23:39:13,352 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:39:13,359 INFO L256 TraceCheckSpWp]: Trace formula consists of 1023 conjuncts, 205 conjuncts are in the unsatisfiable core [2024-11-27 23:39:13,365 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:39:15,303 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:39:15,626 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:39:15,822 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:39:16,325 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [424243670] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:39:16,325 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:39:16,326 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [51, 49, 49] total 77 [2024-11-27 23:39:16,326 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [647591822] [2024-11-27 23:39:16,326 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:39:22,773 WARN L286 SmtUtils]: Spent 6.43s on a formula simplification. DAG size of input: 595 DAG size of output: 434 (called from [L 276] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.cfg.transitions.TransFormulaUtils.sequentialComposition) [2024-11-27 23:39:23,761 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:39:23,762 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 77 interpolants. [2024-11-27 23:39:23,762 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=205, Invalid=5647, Unknown=0, NotChecked=0, Total=5852 [2024-11-27 23:39:23,763 INFO L87 Difference]: Start difference. First operand 496 states and 626 transitions. cyclomatic complexity: 135 Second operand has 77 states, 77 states have (on average 3.7012987012987013) internal successors, (285), 77 states have internal predecessors, (285), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:39:31,879 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:39:31,879 INFO L93 Difference]: Finished difference Result 302 states and 373 transitions. [2024-11-27 23:39:31,879 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 302 states and 373 transitions. [2024-11-27 23:39:31,881 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 105 [2024-11-27 23:39:31,882 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 302 states to 210 states and 260 transitions. [2024-11-27 23:39:31,882 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 115 [2024-11-27 23:39:31,882 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 115 [2024-11-27 23:39:31,882 INFO L73 IsDeterministic]: Start isDeterministic. Operand 210 states and 260 transitions. [2024-11-27 23:39:31,882 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:39:31,882 INFO L218 hiAutomatonCegarLoop]: Abstraction has 210 states and 260 transitions. [2024-11-27 23:39:31,882 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 210 states and 260 transitions. [2024-11-27 23:39:31,884 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 210 to 194. [2024-11-27 23:39:31,885 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 194 states, 194 states have (on average 1.2474226804123711) internal successors, (242), 193 states have internal predecessors, (242), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:39:31,885 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 194 states to 194 states and 242 transitions. [2024-11-27 23:39:31,885 INFO L240 hiAutomatonCegarLoop]: Abstraction has 194 states and 242 transitions. [2024-11-27 23:39:31,885 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 51 states. [2024-11-27 23:39:31,886 INFO L425 stractBuchiCegarLoop]: Abstraction has 194 states and 242 transitions. [2024-11-27 23:39:31,886 INFO L332 stractBuchiCegarLoop]: ======== Iteration 48 ============ [2024-11-27 23:39:31,886 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 194 states and 242 transitions. [2024-11-27 23:39:31,886 INFO L131 ngComponentsAnalysis]: Automaton has 1 accepting balls. 97 [2024-11-27 23:39:31,886 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:39:31,886 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:39:31,888 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [23, 23, 22, 22, 1, 1, 1, 1, 1, 1] [2024-11-27 23:39:31,888 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [23, 23, 22, 22, 1, 1, 1, 1, 1, 1, 1] [2024-11-27 23:39:31,888 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:39:31,888 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:39:31,888 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:39:31,888 INFO L85 PathProgramCache]: Analyzing trace with hash 320613863, now seen corresponding path program 41 times [2024-11-27 23:39:31,889 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:39:31,889 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1955362122] [2024-11-27 23:39:31,889 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:39:31,889 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:39:31,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:39:31,910 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:39:31,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:39:31,927 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:39:31,928 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:39:31,928 INFO L85 PathProgramCache]: Analyzing trace with hash 2138057654, now seen corresponding path program 42 times [2024-11-27 23:39:31,928 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:39:31,928 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1338751264] [2024-11-27 23:39:31,928 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:39:31,928 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:39:31,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:39:31,950 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:39:31,962 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:39:31,966 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:39:31,967 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:39:31,967 INFO L85 PathProgramCache]: Analyzing trace with hash 1689518736, now seen corresponding path program 42 times [2024-11-27 23:39:31,967 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:39:31,967 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [900892031] [2024-11-27 23:39:31,967 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:39:31,967 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:39:32,014 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:39:36,342 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:39:36,344 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [900892031] [2024-11-27 23:39:36,345 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [900892031] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:39:36,345 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1117461482] [2024-11-27 23:39:36,345 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:39:36,345 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:39:36,345 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:39:36,353 INFO L229 MonitoredProcess]: Starting monitored process 82 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:39:36,357 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (82)] Waiting until timeout for monitored process [2024-11-27 23:39:36,810 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:39:36,817 INFO L256 TraceCheckSpWp]: Trace formula consists of 1046 conjuncts, 221 conjuncts are in the unsatisfiable core [2024-11-27 23:39:36,822 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:39:37,288 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:39:40,333 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:39:40,334 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 27 treesize of output 11 [2024-11-27 23:39:40,427 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:39:41,178 INFO L349 Elim1Store]: treesize reduction 0, result has 100.0 percent of original size [2024-11-27 23:39:41,178 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 115 treesize of output 91 [2024-11-27 23:39:45,575 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1117461482] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:39:45,575 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:39:45,575 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [57, 54, 54] total 110 [2024-11-27 23:39:45,575 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1375478424] [2024-11-27 23:39:45,575 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:39:51,976 WARN L286 SmtUtils]: Spent 6.39s on a formula simplification. DAG size of input: 598 DAG size of output: 435 (called from [L 276] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.cfg.transitions.TransFormulaUtils.sequentialComposition) [2024-11-27 23:39:53,132 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:39:53,132 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 110 interpolants. [2024-11-27 23:39:53,132 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=288, Invalid=11702, Unknown=0, NotChecked=0, Total=11990 [2024-11-27 23:39:53,133 INFO L87 Difference]: Start difference. First operand 194 states and 242 transitions. cyclomatic complexity: 51 Second operand has 110 states, 110 states have (on average 3.4727272727272727) internal successors, (382), 110 states have internal predecessors, (382), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:40:30,757 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-27 23:40:30,757 INFO L93 Difference]: Finished difference Result 988 states and 1229 transitions. [2024-11-27 23:40:30,757 INFO L82 GeneralOperation]: Start removeNonLiveStates. Operand 988 states and 1229 transitions. [2024-11-27 23:40:30,759 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 782 [2024-11-27 23:40:30,762 INFO L88 GeneralOperation]: Finished removeNonLiveStates. Reduced from 988 states to 988 states and 1229 transitions. [2024-11-27 23:40:30,762 INFO L87 BuchiClosureNwa]: Accepting states before buchiClosure: 800 [2024-11-27 23:40:30,762 INFO L106 BuchiClosureNwa]: Accepting states after buchiClosure: 800 [2024-11-27 23:40:30,763 INFO L73 IsDeterministic]: Start isDeterministic. Operand 988 states and 1229 transitions. [2024-11-27 23:40:30,764 INFO L80 IsDeterministic]: Finished isDeterministic. Operand is not deterministic. [2024-11-27 23:40:30,764 INFO L218 hiAutomatonCegarLoop]: Abstraction has 988 states and 1229 transitions. [2024-11-27 23:40:30,764 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 988 states and 1229 transitions. [2024-11-27 23:40:30,771 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 988 to 518. [2024-11-27 23:40:30,772 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 518 states, 518 states have (on average 1.2625482625482625) internal successors, (654), 517 states have internal predecessors, (654), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-27 23:40:30,773 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 518 states to 518 states and 654 transitions. [2024-11-27 23:40:30,774 INFO L240 hiAutomatonCegarLoop]: Abstraction has 518 states and 654 transitions. [2024-11-27 23:40:30,774 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 172 states. [2024-11-27 23:40:30,775 INFO L425 stractBuchiCegarLoop]: Abstraction has 518 states and 654 transitions. [2024-11-27 23:40:30,775 INFO L332 stractBuchiCegarLoop]: ======== Iteration 49 ============ [2024-11-27 23:40:30,775 INFO L72 BuchiIsEmpty]: Start buchiIsEmpty. Operand 518 states and 654 transitions. [2024-11-27 23:40:30,777 INFO L131 ngComponentsAnalysis]: Automaton has 2 accepting balls. 410 [2024-11-27 23:40:30,777 INFO L87 BuchiIsEmpty]: Finished buchiIsEmpty Result is false [2024-11-27 23:40:30,777 INFO L119 BuchiIsEmpty]: Starting construction of run [2024-11-27 23:40:30,778 INFO L148 hiAutomatonCegarLoop]: Counterexample stem histogram [23, 23, 22, 22, 1, 1, 1, 1, 1, 1] [2024-11-27 23:40:30,779 INFO L149 hiAutomatonCegarLoop]: Counterexample loop histogram [24, 24, 23, 22, 2, 1, 1, 1, 1, 1, 1] [2024-11-27 23:40:30,779 INFO L747 eck$LassoCheckResult]: Stem: "assume { :begin_inline_ULTIMATE.init } true;assume 0 == #valid[0];assume 0 < #StackHeapBarrier;" "assume { :end_inline_ULTIMATE.init } true;assume { :begin_inline_main } true;havoc main_#res#1;havoc main_#t~nondet7#1, main_#t~malloc8#1.base, main_#t~malloc8#1.offset, main_#t~ret9#1.base, main_#t~ret9#1.offset, main_~in_len~0#1, main_~in~0#1.base, main_~in~0#1.offset;havoc main_#t~nondet7#1;main_~in_len~0#1 := main_#t~nondet7#1;havoc main_#t~nondet7#1;" "assume !(main_~in_len~0#1 < 1);call main_#t~malloc8#1.base, main_#t~malloc8#1.offset := #Ultimate.allocOnStack(main_~in_len~0#1 % 18446744073709551616);main_~in~0#1.base, main_~in~0#1.offset := main_#t~malloc8#1.base, main_#t~malloc8#1.offset;call write~int#0(0, main_~in~0#1.base, main_~in~0#1.offset + (main_~in_len~0#1 - 1), 1);assume { :begin_inline_basename } true;basename_#in~path#1.base, basename_#in~path#1.offset := main_~in~0#1.base, main_~in~0#1.offset;havoc basename_#res#1.base, basename_#res#1.offset;havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset, basename_#t~mem6#1, basename_~path#1.base, basename_~path#1.offset, basename_~c~0#1.base, basename_~c~0#1.offset;basename_~path#1.base, basename_~path#1.offset := basename_#in~path#1.base, basename_#in~path#1.offset;havoc basename_~c~0#1.base, basename_~c~0#1.offset;" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:40:30,779 INFO L749 eck$LassoCheckResult]: Loop: "basename_#t~ret5#1.base, basename_#t~ret5#1.offset := strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;havoc strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1;assume { :end_inline_strrchr } true;basename_~c~0#1.base, basename_~c~0#1.offset := basename_#t~ret5#1.base, basename_#t~ret5#1.offset;" "assume !(basename_~c~0#1.base == 0 && basename_~c~0#1.offset == 0);havoc basename_#t~ret5#1.base, basename_#t~ret5#1.offset;call basename_#t~mem6#1 := read~int#0(basename_~c~0#1.base, 1 + basename_~c~0#1.offset, 1);" "assume 0 == basename_#t~mem6#1;havoc basename_#t~mem6#1;" "assume !(basename_~c~0#1.base == basename_~path#1.base && basename_~c~0#1.offset == basename_~path#1.offset);call write~int#0(0, basename_~c~0#1.base, basename_~c~0#1.offset, 1);" "assume { :begin_inline_strrchr } true;strrchr_#in~t#1.base, strrchr_#in~t#1.offset, strrchr_#in~c#1 := basename_~path#1.base, basename_~path#1.offset, 47;havoc strrchr_#res#1.base, strrchr_#res#1.offset;havoc strrchr_#t~mem2#1, strrchr_#t~mem3#1, strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset, strrchr_~t#1.base, strrchr_~t#1.offset, strrchr_~c#1, strrchr_~ch~0#1, strrchr_~l~0#1.base, strrchr_~l~0#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_#in~t#1.base, strrchr_#in~t#1.offset;strrchr_~c#1 := strrchr_#in~c#1;havoc strrchr_~ch~0#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := 0, 0;strrchr_~ch~0#1 := (if strrchr_~c#1 % 256 <= 127 then strrchr_~c#1 % 256 else strrchr_~c#1 % 256 - 256);" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume strrchr_#t~mem2#1 == strrchr_~ch~0#1;havoc strrchr_#t~mem2#1;strrchr_~l~0#1.base, strrchr_~l~0#1.offset := strrchr_~t#1.base, strrchr_~t#1.offset;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(0 == strrchr_#t~mem3#1);havoc strrchr_#t~mem3#1;strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;strrchr_~t#1.base, strrchr_~t#1.offset := strrchr_~t#1.base, 1 + strrchr_~t#1.offset;havoc strrchr_#t~pre4#1.base, strrchr_#t~pre4#1.offset;" "call strrchr_#t~mem2#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume !(strrchr_#t~mem2#1 == strrchr_~ch~0#1);havoc strrchr_#t~mem2#1;" "call strrchr_#t~mem3#1 := read~int#0(strrchr_~t#1.base, strrchr_~t#1.offset, 1);" "assume 0 == strrchr_#t~mem3#1;havoc strrchr_#t~mem3#1;strrchr_#res#1.base, strrchr_#res#1.offset := strrchr_~l~0#1.base, strrchr_~l~0#1.offset;" [2024-11-27 23:40:30,780 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:40:30,780 INFO L85 PathProgramCache]: Analyzing trace with hash 320613863, now seen corresponding path program 42 times [2024-11-27 23:40:30,780 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:40:30,780 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1260529414] [2024-11-27 23:40:30,780 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:40:30,780 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:40:30,810 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:40:30,810 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:40:30,832 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:40:30,840 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:40:30,840 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:40:30,840 INFO L85 PathProgramCache]: Analyzing trace with hash 1871097248, now seen corresponding path program 43 times [2024-11-27 23:40:30,840 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:40:30,840 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1383630820] [2024-11-27 23:40:30,841 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:40:30,841 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:40:30,869 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:40:30,869 INFO L357 TraceCheck]: Trace is feasible, we will do another trace check, this time with branch encoders. [2024-11-27 23:40:30,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is sat [2024-11-27 23:40:30,895 INFO L130 FreeRefinementEngine]: Strategy CAMEL_NO_AM found a feasible trace [2024-11-27 23:40:30,895 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-27 23:40:30,896 INFO L85 PathProgramCache]: Analyzing trace with hash -823163014, now seen corresponding path program 43 times [2024-11-27 23:40:30,896 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL_NO_AM [2024-11-27 23:40:30,896 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [954242692] [2024-11-27 23:40:30,896 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:40:30,896 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-27 23:40:30,952 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:40:34,043 INFO L136 FreeRefinementEngine]: Strategy CAMEL_NO_AM found an infeasible trace [2024-11-27 23:40:34,044 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [954242692] [2024-11-27 23:40:34,044 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [954242692] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-27 23:40:34,044 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [863489019] [2024-11-27 23:40:34,044 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-27 23:40:34,044 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-27 23:40:34,045 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 [2024-11-27 23:40:34,047 INFO L229 MonitoredProcess]: Starting monitored process 83 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-27 23:40:34,049 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b3786d7b-eade-438f-964f-36fe9caa7175/bin/uautomizer-verify-aQ6SnzHsRB/z3 -smt2 -in SMTLIB2_COMPLIANT=true (83)] Waiting until timeout for monitored process [2024-11-27 23:40:34,535 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-27 23:40:34,542 INFO L256 TraceCheckSpWp]: Trace formula consists of 1064 conjuncts, 213 conjuncts are in the unsatisfiable core [2024-11-27 23:40:34,548 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-27 23:40:36,756 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-27 23:40:37,094 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-27 23:40:37,293 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 2, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 31 treesize of output 25 [2024-11-27 23:40:37,767 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [863489019] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-27 23:40:37,768 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-27 23:40:37,768 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [53, 51, 51] total 80 [2024-11-27 23:40:37,768 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2072665046] [2024-11-27 23:40:37,768 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-27 23:40:44,707 WARN L286 SmtUtils]: Spent 6.93s on a formula simplification. DAG size of input: 618 DAG size of output: 450 (called from [L 276] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.cfg.transitions.TransFormulaUtils.sequentialComposition) [2024-11-27 23:40:45,788 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL_NO_AM [2024-11-27 23:40:45,789 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 80 interpolants. [2024-11-27 23:40:45,789 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=213, Invalid=6107, Unknown=0, NotChecked=0, Total=6320 [2024-11-27 23:40:45,789 INFO L87 Difference]: Start difference. First operand 518 states and 654 transitions. cyclomatic complexity: 141 Second operand has 80 states, 80 states have (on average 3.7125) internal successors, (297), 80 states have internal predecessors, (297), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0)