./Ultimate.py --spec ../../sv-benchmarks/c/properties/valid-memsafety.prp --file ../../sv-benchmarks/c/memsafety/test-0234-2.i --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version a0165632 Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/config/TaipanMemDerefMemtrack.xml -i ../../sv-benchmarks/c/memsafety/test-0234-2.i -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/config/svcomp-DerefFreeMemtrack-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 3248e88e6fd49fdcf0a9f78f1aa9e69276951d353f75f39f6bb30d51b2e53989 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-a016563 [2024-11-09 06:57:57,858 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-09 06:57:57,970 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/config/svcomp-DerefFreeMemtrack-32bit-Taipan_Default.epf [2024-11-09 06:57:57,979 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-09 06:57:57,980 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-09 06:57:58,033 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-09 06:57:58,034 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-09 06:57:58,035 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-09 06:57:58,035 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-09 06:57:58,036 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-09 06:57:58,036 INFO L153 SettingsManager]: * User list type=DISABLED [2024-11-09 06:57:58,037 INFO L151 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2024-11-09 06:57:58,037 INFO L153 SettingsManager]: * Explicit value domain=true [2024-11-09 06:57:58,039 INFO L153 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2024-11-09 06:57:58,040 INFO L153 SettingsManager]: * Octagon Domain=false [2024-11-09 06:57:58,040 INFO L153 SettingsManager]: * Abstract domain=CompoundDomain [2024-11-09 06:57:58,041 INFO L153 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2024-11-09 06:57:58,041 INFO L153 SettingsManager]: * Use the RCFG-of-the-future interface=true [2024-11-09 06:57:58,041 INFO L153 SettingsManager]: * Interval Domain=false [2024-11-09 06:57:58,042 INFO L151 SettingsManager]: Preferences of Sifa differ from their defaults: [2024-11-09 06:57:58,045 INFO L153 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2024-11-09 06:57:58,048 INFO L153 SettingsManager]: * Simplification Technique=POLY_PAC [2024-11-09 06:57:58,049 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-09 06:57:58,049 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-09 06:57:58,050 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-09 06:57:58,050 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-09 06:57:58,051 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-09 06:57:58,051 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-09 06:57:58,051 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-09 06:57:58,051 INFO L153 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2024-11-09 06:57:58,052 INFO L153 SettingsManager]: * Bitprecise bitfields=true [2024-11-09 06:57:58,052 INFO L153 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2024-11-09 06:57:58,053 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-09 06:57:58,054 INFO L153 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2024-11-09 06:57:58,055 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-09 06:57:58,055 INFO L153 SettingsManager]: * Check unreachability of reach_error function=false [2024-11-09 06:57:58,055 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-09 06:57:58,056 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-09 06:57:58,057 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-09 06:57:58,057 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-09 06:57:58,057 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-09 06:57:58,058 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-09 06:57:58,058 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-09 06:57:58,059 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-09 06:57:58,059 INFO L153 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2024-11-09 06:57:58,060 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-09 06:57:58,060 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-09 06:57:58,060 INFO L153 SettingsManager]: * Trace refinement exception blacklist=NONE [2024-11-09 06:57:58,060 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-09 06:57:58,061 INFO L153 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 3248e88e6fd49fdcf0a9f78f1aa9e69276951d353f75f39f6bb30d51b2e53989 [2024-11-09 06:57:58,508 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-09 06:57:58,545 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-09 06:57:58,549 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-09 06:57:58,550 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-09 06:57:58,551 INFO L274 PluginConnector]: CDTParser initialized [2024-11-09 06:57:58,552 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/../../sv-benchmarks/c/memsafety/test-0234-2.i Unable to find full path for "g++" [2024-11-09 06:58:01,101 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-09 06:58:01,512 INFO L384 CDTParser]: Found 1 translation units. [2024-11-09 06:58:01,513 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/sv-benchmarks/c/memsafety/test-0234-2.i [2024-11-09 06:58:01,540 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/data/8db3b1dfd/f327b90253144f718f8c0d1f475ae2ea/FLAGe90e203e4 [2024-11-09 06:58:01,713 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/data/8db3b1dfd/f327b90253144f718f8c0d1f475ae2ea [2024-11-09 06:58:01,717 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-09 06:58:01,719 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-09 06:58:01,722 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-09 06:58:01,723 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-09 06:58:01,730 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-09 06:58:01,731 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 06:58:01" (1/1) ... [2024-11-09 06:58:01,733 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@14843a26 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:01, skipping insertion in model container [2024-11-09 06:58:01,733 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 06:58:01" (1/1) ... [2024-11-09 06:58:01,812 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-09 06:58:02,455 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 06:58:02,474 INFO L200 MainTranslator]: Completed pre-run [2024-11-09 06:58:02,579 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 06:58:02,641 INFO L204 MainTranslator]: Completed translation [2024-11-09 06:58:02,642 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02 WrapperNode [2024-11-09 06:58:02,642 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-09 06:58:02,644 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-09 06:58:02,644 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-09 06:58:02,644 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-09 06:58:02,655 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (1/1) ... [2024-11-09 06:58:02,688 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (1/1) ... [2024-11-09 06:58:02,733 INFO L138 Inliner]: procedures = 188, calls = 58, calls flagged for inlining = 14, calls inlined = 14, statements flattened = 197 [2024-11-09 06:58:02,734 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-09 06:58:02,735 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-09 06:58:02,736 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-09 06:58:02,736 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-09 06:58:02,748 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (1/1) ... [2024-11-09 06:58:02,749 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (1/1) ... [2024-11-09 06:58:02,758 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (1/1) ... [2024-11-09 06:58:02,759 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (1/1) ... [2024-11-09 06:58:02,782 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (1/1) ... [2024-11-09 06:58:02,796 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (1/1) ... [2024-11-09 06:58:02,801 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (1/1) ... [2024-11-09 06:58:02,807 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (1/1) ... [2024-11-09 06:58:02,813 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-09 06:58:02,815 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-09 06:58:02,815 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-09 06:58:02,815 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-09 06:58:02,816 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (1/1) ... [2024-11-09 06:58:02,837 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-09 06:58:02,852 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:58:02,868 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2024-11-09 06:58:02,881 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2024-11-09 06:58:02,921 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2024-11-09 06:58:02,921 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-09 06:58:02,921 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2024-11-09 06:58:02,921 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2024-11-09 06:58:02,922 INFO L130 BoogieDeclarations]: Found specification of procedure zalloc_or_die [2024-11-09 06:58:02,924 INFO L138 BoogieDeclarations]: Found implementation of procedure zalloc_or_die [2024-11-09 06:58:02,924 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2024-11-09 06:58:02,924 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2024-11-09 06:58:02,925 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2024-11-09 06:58:02,925 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-09 06:58:02,925 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-09 06:58:03,169 INFO L238 CfgBuilder]: Building ICFG [2024-11-09 06:58:03,172 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-09 06:58:04,037 INFO L? ?]: Removed 190 outVars from TransFormulas that were not future-live. [2024-11-09 06:58:04,038 INFO L287 CfgBuilder]: Performing block encoding [2024-11-09 06:58:04,154 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-09 06:58:04,154 INFO L316 CfgBuilder]: Removed 10 assume(true) statements. [2024-11-09 06:58:04,155 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.11 06:58:04 BoogieIcfgContainer [2024-11-09 06:58:04,155 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-09 06:58:04,160 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-09 06:58:04,160 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-09 06:58:04,164 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-09 06:58:04,165 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.11 06:58:01" (1/3) ... [2024-11-09 06:58:04,166 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@154e3694 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 06:58:04, skipping insertion in model container [2024-11-09 06:58:04,166 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:58:02" (2/3) ... [2024-11-09 06:58:04,167 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@154e3694 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 06:58:04, skipping insertion in model container [2024-11-09 06:58:04,167 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.11 06:58:04" (3/3) ... [2024-11-09 06:58:04,169 INFO L112 eAbstractionObserver]: Analyzing ICFG test-0234-2.i [2024-11-09 06:58:04,195 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:None NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-09 06:58:04,195 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 70 error locations. [2024-11-09 06:58:04,276 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-09 06:58:04,284 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=None, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@3eead430, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-09 06:58:04,284 INFO L334 AbstractCegarLoop]: Starting to check reachability of 70 error locations. [2024-11-09 06:58:04,289 INFO L276 IsEmpty]: Start isEmpty. Operand has 150 states, 72 states have (on average 2.263888888888889) internal successors, (163), 142 states have internal predecessors, (163), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2024-11-09 06:58:04,299 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 4 [2024-11-09 06:58:04,299 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:58:04,300 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1] [2024-11-09 06:58:04,301 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr32REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 06:58:04,308 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:58:04,309 INFO L85 PathProgramCache]: Analyzing trace with hash 341666, now seen corresponding path program 1 times [2024-11-09 06:58:04,324 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:58:04,325 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1970319542] [2024-11-09 06:58:04,325 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:04,326 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:58:04,452 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:04,507 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 06:58:04,508 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:58:04,508 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1970319542] [2024-11-09 06:58:04,509 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1970319542] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:58:04,510 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:58:04,510 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-09 06:58:04,512 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1843615180] [2024-11-09 06:58:04,513 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:58:04,519 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-09 06:58:04,519 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:58:04,566 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-09 06:58:04,567 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 06:58:04,571 INFO L87 Difference]: Start difference. First operand has 150 states, 72 states have (on average 2.263888888888889) internal successors, (163), 142 states have internal predecessors, (163), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) Second operand has 2 states, 2 states have (on average 1.5) internal successors, (3), 2 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 06:58:04,711 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:58:04,711 INFO L93 Difference]: Finished difference Result 150 states and 165 transitions. [2024-11-09 06:58:04,715 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-09 06:58:04,717 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 1.5) internal successors, (3), 2 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 3 [2024-11-09 06:58:04,717 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:58:04,730 INFO L225 Difference]: With dead ends: 150 [2024-11-09 06:58:04,730 INFO L226 Difference]: Without dead ends: 149 [2024-11-09 06:58:04,733 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 06:58:04,741 INFO L432 NwaCegarLoop]: 141 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 24 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 141 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 24 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 06:58:04,743 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 141 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 24 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 06:58:04,769 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 149 states. [2024-11-09 06:58:04,810 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 149 to 149. [2024-11-09 06:58:04,814 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 72 states have (on average 2.111111111111111) internal successors, (152), 141 states have internal predecessors, (152), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2024-11-09 06:58:04,821 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 164 transitions. [2024-11-09 06:58:04,822 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 164 transitions. Word has length 3 [2024-11-09 06:58:04,822 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:58:04,823 INFO L471 AbstractCegarLoop]: Abstraction has 149 states and 164 transitions. [2024-11-09 06:58:04,823 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 1.5) internal successors, (3), 2 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 06:58:04,823 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 164 transitions. [2024-11-09 06:58:04,824 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 6 [2024-11-09 06:58:04,824 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:58:04,824 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1] [2024-11-09 06:58:04,825 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-09 06:58:04,825 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting zalloc_or_dieErr0ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 06:58:04,826 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:58:04,826 INFO L85 PathProgramCache]: Analyzing trace with hash 324623934, now seen corresponding path program 1 times [2024-11-09 06:58:04,826 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:58:04,827 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1810165516] [2024-11-09 06:58:04,828 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:04,828 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:58:04,894 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:05,057 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 06:58:05,058 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:58:05,058 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1810165516] [2024-11-09 06:58:05,058 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1810165516] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:58:05,059 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:58:05,059 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-09 06:58:05,059 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2131590410] [2024-11-09 06:58:05,059 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:58:05,062 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 06:58:05,062 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:58:05,063 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 06:58:05,064 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 06:58:05,065 INFO L87 Difference]: Start difference. First operand 149 states and 164 transitions. Second operand has 3 states, 2 states have (on average 2.0) internal successors, (4), 3 states have internal predecessors, (4), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 06:58:05,303 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:58:05,303 INFO L93 Difference]: Finished difference Result 148 states and 163 transitions. [2024-11-09 06:58:05,304 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 06:58:05,304 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 2.0) internal successors, (4), 3 states have internal predecessors, (4), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 5 [2024-11-09 06:58:05,304 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:58:05,306 INFO L225 Difference]: With dead ends: 148 [2024-11-09 06:58:05,306 INFO L226 Difference]: Without dead ends: 148 [2024-11-09 06:58:05,307 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 06:58:05,309 INFO L432 NwaCegarLoop]: 136 mSDtfsCounter, 3 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 93 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 229 SdHoareTripleChecker+Invalid, 93 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 93 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 06:58:05,310 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 229 Invalid, 93 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 93 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 06:58:05,311 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 148 states. [2024-11-09 06:58:05,322 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 148 to 148. [2024-11-09 06:58:05,323 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 72 states have (on average 2.0972222222222223) internal successors, (151), 140 states have internal predecessors, (151), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2024-11-09 06:58:05,325 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 163 transitions. [2024-11-09 06:58:05,325 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 163 transitions. Word has length 5 [2024-11-09 06:58:05,326 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:58:05,326 INFO L471 AbstractCegarLoop]: Abstraction has 148 states and 163 transitions. [2024-11-09 06:58:05,326 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 2.0) internal successors, (4), 3 states have internal predecessors, (4), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 06:58:05,327 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 163 transitions. [2024-11-09 06:58:05,327 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 7 [2024-11-09 06:58:05,327 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:58:05,328 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1] [2024-11-09 06:58:05,328 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-09 06:58:05,329 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting zalloc_or_dieErr1ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 06:58:05,329 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:58:05,330 INFO L85 PathProgramCache]: Analyzing trace with hash 1473407668, now seen corresponding path program 1 times [2024-11-09 06:58:05,330 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:58:05,330 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [510092219] [2024-11-09 06:58:05,331 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:05,331 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:58:05,388 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2024-11-09 06:58:05,391 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [24455891] [2024-11-09 06:58:05,392 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:05,392 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:05,392 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:58:05,395 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:58:05,405 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-09 06:58:05,536 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:05,538 INFO L255 TraceCheckSpWp]: Trace formula consists of 83 conjuncts, 24 conjuncts are in the unsatisfiable core [2024-11-09 06:58:05,550 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:58:05,718 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2024-11-09 06:58:05,765 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 06:58:05,765 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-09 06:58:05,765 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:58:05,766 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [510092219] [2024-11-09 06:58:05,767 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2024-11-09 06:58:05,767 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [24455891] [2024-11-09 06:58:05,767 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [24455891] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:58:05,768 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:58:05,768 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 06:58:05,768 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1356550730] [2024-11-09 06:58:05,768 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:58:05,769 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-09 06:58:05,769 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:58:05,770 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-09 06:58:05,770 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-09 06:58:05,770 INFO L87 Difference]: Start difference. First operand 148 states and 163 transitions. Second operand has 4 states, 3 states have (on average 1.6666666666666667) internal successors, (5), 3 states have internal predecessors, (5), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 06:58:06,110 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:58:06,110 INFO L93 Difference]: Finished difference Result 153 states and 168 transitions. [2024-11-09 06:58:06,111 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-09 06:58:06,111 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 1.6666666666666667) internal successors, (5), 3 states have internal predecessors, (5), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 6 [2024-11-09 06:58:06,111 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:58:06,113 INFO L225 Difference]: With dead ends: 153 [2024-11-09 06:58:06,113 INFO L226 Difference]: Without dead ends: 153 [2024-11-09 06:58:06,113 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-09 06:58:06,119 INFO L432 NwaCegarLoop]: 131 mSDtfsCounter, 7 mSDsluCounter, 227 mSDsCounter, 0 mSdLazyCounter, 126 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 7 SdHoareTripleChecker+Valid, 358 SdHoareTripleChecker+Invalid, 130 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 126 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-09 06:58:06,119 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [7 Valid, 358 Invalid, 130 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-09 06:58:06,121 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2024-11-09 06:58:06,171 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 153. [2024-11-09 06:58:06,171 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 76 states have (on average 2.0526315789473686) internal successors, (156), 144 states have internal predecessors, (156), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2024-11-09 06:58:06,175 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 168 transitions. [2024-11-09 06:58:06,175 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 168 transitions. Word has length 6 [2024-11-09 06:58:06,176 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:58:06,176 INFO L471 AbstractCegarLoop]: Abstraction has 153 states and 168 transitions. [2024-11-09 06:58:06,176 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 1.6666666666666667) internal successors, (5), 3 states have internal predecessors, (5), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 06:58:06,176 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 168 transitions. [2024-11-09 06:58:06,178 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2024-11-09 06:58:06,178 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:58:06,180 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:58:06,212 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-09 06:58:06,381 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:06,382 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting zalloc_or_dieErr1ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 06:58:06,382 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:58:06,383 INFO L85 PathProgramCache]: Analyzing trace with hash 1909757316, now seen corresponding path program 1 times [2024-11-09 06:58:06,383 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:58:06,383 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [198887307] [2024-11-09 06:58:06,383 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:06,384 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:58:06,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2024-11-09 06:58:06,583 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [1806611731] [2024-11-09 06:58:06,583 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:06,584 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:06,584 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:58:06,586 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:58:06,589 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-09 06:58:06,877 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:06,881 INFO L255 TraceCheckSpWp]: Trace formula consists of 455 conjuncts, 29 conjuncts are in the unsatisfiable core [2024-11-09 06:58:06,891 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:58:06,944 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2024-11-09 06:58:07,032 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-09 06:58:07,117 INFO L134 CoverageAnalysis]: Checked inductivity of 65 backedges. 47 proven. 0 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2024-11-09 06:58:07,118 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-09 06:58:07,119 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:58:07,119 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [198887307] [2024-11-09 06:58:07,119 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2024-11-09 06:58:07,119 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1806611731] [2024-11-09 06:58:07,120 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1806611731] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:58:07,120 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:58:07,120 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 06:58:07,122 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2088221875] [2024-11-09 06:58:07,122 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:58:07,123 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 06:58:07,123 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:58:07,126 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 06:58:07,126 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 06:58:07,127 INFO L87 Difference]: Start difference. First operand 153 states and 168 transitions. Second operand has 5 states, 4 states have (on average 6.0) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-09 06:58:07,479 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:58:07,479 INFO L93 Difference]: Finished difference Result 157 states and 172 transitions. [2024-11-09 06:58:07,480 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 06:58:07,480 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 6.0) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 45 [2024-11-09 06:58:07,481 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:58:07,483 INFO L225 Difference]: With dead ends: 157 [2024-11-09 06:58:07,483 INFO L226 Difference]: Without dead ends: 155 [2024-11-09 06:58:07,484 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 45 GetRequests, 41 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2024-11-09 06:58:07,485 INFO L432 NwaCegarLoop]: 136 mSDtfsCounter, 3 mSDsluCounter, 356 mSDsCounter, 0 mSdLazyCounter, 155 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 492 SdHoareTripleChecker+Invalid, 160 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 155 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-09 06:58:07,488 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 492 Invalid, 160 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 155 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-09 06:58:07,489 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 155 states. [2024-11-09 06:58:07,500 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 155 to 155. [2024-11-09 06:58:07,501 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 155 states, 78 states have (on average 2.0256410256410255) internal successors, (158), 146 states have internal predecessors, (158), 6 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 6 states have call predecessors, (6), 6 states have call successors, (6) [2024-11-09 06:58:07,502 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 155 states to 155 states and 170 transitions. [2024-11-09 06:58:07,503 INFO L78 Accepts]: Start accepts. Automaton has 155 states and 170 transitions. Word has length 45 [2024-11-09 06:58:07,503 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:58:07,503 INFO L471 AbstractCegarLoop]: Abstraction has 155 states and 170 transitions. [2024-11-09 06:58:07,504 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 6.0) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-09 06:58:07,504 INFO L276 IsEmpty]: Start isEmpty. Operand 155 states and 170 transitions. [2024-11-09 06:58:07,505 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-09 06:58:07,506 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:58:07,506 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:58:07,535 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-09 06:58:07,707 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:07,708 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting zalloc_or_dieErr1ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 06:58:07,708 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:58:07,709 INFO L85 PathProgramCache]: Analyzing trace with hash -225579234, now seen corresponding path program 1 times [2024-11-09 06:58:07,709 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:58:07,709 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [564155201] [2024-11-09 06:58:07,710 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:07,710 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:58:08,100 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2024-11-09 06:58:08,119 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [812096865] [2024-11-09 06:58:08,120 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:08,120 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:08,120 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:58:08,129 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:58:08,132 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-11-09 06:58:08,515 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:08,520 INFO L255 TraceCheckSpWp]: Trace formula consists of 530 conjuncts, 31 conjuncts are in the unsatisfiable core [2024-11-09 06:58:08,526 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:58:08,588 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2024-11-09 06:58:08,641 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-09 06:58:08,787 INFO L134 CoverageAnalysis]: Checked inductivity of 100 backedges. 70 proven. 5 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2024-11-09 06:58:08,790 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:58:09,185 INFO L134 CoverageAnalysis]: Checked inductivity of 100 backedges. 29 proven. 15 refuted. 0 times theorem prover too weak. 56 trivial. 0 not checked. [2024-11-09 06:58:09,185 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:58:09,186 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [564155201] [2024-11-09 06:58:09,186 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2024-11-09 06:58:09,186 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [812096865] [2024-11-09 06:58:09,187 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [812096865] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 06:58:09,187 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [444721800] [2024-11-09 06:58:09,214 INFO L159 IcfgInterpreter]: Started Sifa with 23 locations of interest [2024-11-09 06:58:09,214 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:58:09,220 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:58:09,228 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:58:09,229 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:58:11,690 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 06:58:12,192 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 06:58:14,346 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSifa [444721800] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:58:14,346 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2024-11-09 06:58:14,346 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [15] imperfect sequences [7, 6] total 26 [2024-11-09 06:58:14,347 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1548557663] [2024-11-09 06:58:14,347 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:58:14,349 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 17 states [2024-11-09 06:58:14,350 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:58:14,350 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2024-11-09 06:58:14,351 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=88, Invalid=562, Unknown=0, NotChecked=0, Total=650 [2024-11-09 06:58:14,355 INFO L87 Difference]: Start difference. First operand 155 states and 170 transitions. Second operand has 17 states, 10 states have (on average 1.7) internal successors, (17), 13 states have internal predecessors, (17), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) [2024-11-09 06:58:16,852 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:58:16,853 INFO L93 Difference]: Finished difference Result 231 states and 260 transitions. [2024-11-09 06:58:16,853 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-11-09 06:58:16,854 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 10 states have (on average 1.7) internal successors, (17), 13 states have internal predecessors, (17), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) Word has length 50 [2024-11-09 06:58:16,854 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:58:16,855 INFO L225 Difference]: With dead ends: 231 [2024-11-09 06:58:16,856 INFO L226 Difference]: Without dead ends: 231 [2024-11-09 06:58:16,857 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 153 GetRequests, 117 SyntacticMatches, 7 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 230 ImplicationChecksByTransitivity, 3.1s TimeCoverageRelationStatistics Valid=131, Invalid=799, Unknown=0, NotChecked=0, Total=930 [2024-11-09 06:58:16,858 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 86 mSDsluCounter, 724 mSDsCounter, 0 mSdLazyCounter, 927 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 87 SdHoareTripleChecker+Valid, 820 SdHoareTripleChecker+Invalid, 932 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 927 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.7s IncrementalHoareTripleChecker+Time [2024-11-09 06:58:16,863 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [87 Valid, 820 Invalid, 932 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 927 Invalid, 0 Unknown, 0 Unchecked, 1.7s Time] [2024-11-09 06:58:16,864 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 231 states. [2024-11-09 06:58:16,877 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 231 to 200. [2024-11-09 06:58:16,882 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 200 states, 115 states have (on average 1.9739130434782608) internal successors, (227), 183 states have internal predecessors, (227), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-09 06:58:16,883 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 200 states to 200 states and 251 transitions. [2024-11-09 06:58:16,886 INFO L78 Accepts]: Start accepts. Automaton has 200 states and 251 transitions. Word has length 50 [2024-11-09 06:58:16,887 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:58:16,887 INFO L471 AbstractCegarLoop]: Abstraction has 200 states and 251 transitions. [2024-11-09 06:58:16,887 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 17 states, 10 states have (on average 1.7) internal successors, (17), 13 states have internal predecessors, (17), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) [2024-11-09 06:58:16,887 INFO L276 IsEmpty]: Start isEmpty. Operand 200 states and 251 transitions. [2024-11-09 06:58:16,889 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-09 06:58:16,889 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:58:16,890 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:58:16,916 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2024-11-09 06:58:17,093 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:17,094 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 06:58:17,095 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:58:17,095 INFO L85 PathProgramCache]: Analyzing trace with hash 238522086, now seen corresponding path program 1 times [2024-11-09 06:58:17,095 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:58:17,095 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1173027430] [2024-11-09 06:58:17,095 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:17,096 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:58:17,176 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:17,896 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 67 proven. 1 refuted. 0 times theorem prover too weak. 58 trivial. 0 not checked. [2024-11-09 06:58:17,896 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:58:17,896 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1173027430] [2024-11-09 06:58:17,898 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1173027430] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:58:17,898 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1746546999] [2024-11-09 06:58:17,898 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:17,898 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:17,899 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:58:17,901 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:58:17,902 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2024-11-09 06:58:18,181 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:18,189 INFO L255 TraceCheckSpWp]: Trace formula consists of 565 conjuncts, 18 conjuncts are in the unsatisfiable core [2024-11-09 06:58:18,195 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:58:18,284 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|)) is different from true [2024-11-09 06:58:18,322 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2024-11-09 06:58:18,322 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2024-11-09 06:58:18,337 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 61 proven. 1 refuted. 0 times theorem prover too weak. 58 trivial. 6 not checked. [2024-11-09 06:58:18,339 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:58:18,602 INFO L349 Elim1Store]: treesize reduction 5, result has 37.5 percent of original size [2024-11-09 06:58:18,602 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 11 [2024-11-09 06:58:18,625 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 61 proven. 7 refuted. 0 times theorem prover too weak. 58 trivial. 0 not checked. [2024-11-09 06:58:18,625 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1746546999] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 06:58:18,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1720543628] [2024-11-09 06:58:18,628 INFO L159 IcfgInterpreter]: Started Sifa with 24 locations of interest [2024-11-09 06:58:18,628 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:58:18,628 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:58:18,629 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:58:18,629 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:58:20,256 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 06:58:20,530 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 06:58:23,448 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '2624#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_92| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_69| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_61| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_70| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_70| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_92| 4294967296)) (= 0 |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_61|) (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_69| 0) (= |ULTIMATE.start_l4_insert_#t~ret7#1.offset| 0) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_92|))) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (not (= |ULTIMATE.start_l4_insert_#t~ret7#1.base| 0)) (exists ((|v_ULTIMATE.start_l4_insert_~item~0#1.base_22| Int)) (not (= (select |#valid| |v_ULTIMATE.start_l4_insert_~item~0#1.base_22|) 1))))' at error location [2024-11-09 06:58:23,449 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 06:58:23,449 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 06:58:23,449 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 9, 8] total 13 [2024-11-09 06:58:23,452 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1361362345] [2024-11-09 06:58:23,452 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 06:58:23,453 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2024-11-09 06:58:23,453 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:58:23,454 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2024-11-09 06:58:23,455 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=97, Invalid=776, Unknown=1, NotChecked=56, Total=930 [2024-11-09 06:58:23,455 INFO L87 Difference]: Start difference. First operand 200 states and 251 transitions. Second operand has 14 states, 11 states have (on average 3.5454545454545454) internal successors, (39), 12 states have internal predecessors, (39), 2 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) [2024-11-09 06:58:24,570 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:58:24,570 INFO L93 Difference]: Finished difference Result 198 states and 247 transitions. [2024-11-09 06:58:24,576 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-09 06:58:24,580 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 11 states have (on average 3.5454545454545454) internal successors, (39), 12 states have internal predecessors, (39), 2 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) Word has length 54 [2024-11-09 06:58:24,581 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:58:24,583 INFO L225 Difference]: With dead ends: 198 [2024-11-09 06:58:24,583 INFO L226 Difference]: Without dead ends: 198 [2024-11-09 06:58:24,587 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 172 GetRequests, 131 SyntacticMatches, 10 SemanticMatches, 31 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 245 ImplicationChecksByTransitivity, 3.2s TimeCoverageRelationStatistics Valid=112, Invalid=883, Unknown=1, NotChecked=60, Total=1056 [2024-11-09 06:58:24,591 INFO L432 NwaCegarLoop]: 126 mSDtfsCounter, 15 mSDsluCounter, 766 mSDsCounter, 0 mSdLazyCounter, 663 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 892 SdHoareTripleChecker+Invalid, 836 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 663 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 157 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2024-11-09 06:58:24,592 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 892 Invalid, 836 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 663 Invalid, 0 Unknown, 157 Unchecked, 1.0s Time] [2024-11-09 06:58:24,598 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 198 states. [2024-11-09 06:58:24,631 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 198 to 198. [2024-11-09 06:58:24,640 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 198 states, 115 states have (on average 1.9391304347826086) internal successors, (223), 181 states have internal predecessors, (223), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-09 06:58:24,645 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 198 states to 198 states and 247 transitions. [2024-11-09 06:58:24,649 INFO L78 Accepts]: Start accepts. Automaton has 198 states and 247 transitions. Word has length 54 [2024-11-09 06:58:24,650 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:58:24,650 INFO L471 AbstractCegarLoop]: Abstraction has 198 states and 247 transitions. [2024-11-09 06:58:24,650 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 11 states have (on average 3.5454545454545454) internal successors, (39), 12 states have internal predecessors, (39), 2 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) [2024-11-09 06:58:24,651 INFO L276 IsEmpty]: Start isEmpty. Operand 198 states and 247 transitions. [2024-11-09 06:58:24,652 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-09 06:58:24,652 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:58:24,653 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:58:24,743 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2024-11-09 06:58:24,861 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5,5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:24,863 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 06:58:24,863 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:58:24,863 INFO L85 PathProgramCache]: Analyzing trace with hash 238522087, now seen corresponding path program 1 times [2024-11-09 06:58:24,864 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:58:24,864 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [81085686] [2024-11-09 06:58:24,864 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:24,864 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:58:25,062 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2024-11-09 06:58:25,067 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [2142211785] [2024-11-09 06:58:25,068 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:25,068 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:25,068 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:58:25,070 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:58:25,072 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2024-11-09 06:58:25,518 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:25,523 INFO L255 TraceCheckSpWp]: Trace formula consists of 565 conjuncts, 46 conjuncts are in the unsatisfiable core [2024-11-09 06:58:25,537 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:58:25,563 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2024-11-09 06:58:25,852 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 06:58:25,896 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 06:58:25,897 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 9 [2024-11-09 06:58:25,911 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 06:58:25,912 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 06:58:25,939 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 61 proven. 0 refuted. 0 times theorem prover too weak. 58 trivial. 7 not checked. [2024-11-09 06:58:25,940 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:58:26,111 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:58:26,115 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [81085686] [2024-11-09 06:58:26,115 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2024-11-09 06:58:26,115 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2142211785] [2024-11-09 06:58:26,115 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2142211785] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:58:26,116 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [334346572] [2024-11-09 06:58:26,119 INFO L159 IcfgInterpreter]: Started Sifa with 24 locations of interest [2024-11-09 06:58:26,122 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:58:26,123 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:58:26,123 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:58:26,123 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:58:29,127 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 06:58:29,386 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 06:58:36,588 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '3220#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (= 0 |ULTIMATE.start_l4_insert_~list#1.offset|) (= |ULTIMATE.start_l3_insert_~list#1.offset| 4) (= |ULTIMATE.start_l4_insert_#t~ret7#1.offset| 0) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (exists ((|v_ULTIMATE.start_l4_insert_~item~0#1.base_23| Int)) (and (<= (select |#length| |v_ULTIMATE.start_l4_insert_~item~0#1.base_23|) 7) (or (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (exists ((|v_#length_BEFORE_CALL_60| (Array Int Int))) (and (= (select |v_#length_BEFORE_CALL_60| 3) 4) (= (select |v_#length_BEFORE_CALL_60| 2) 14) (= (select |v_#length_BEFORE_CALL_60| 1) 2))) (not (= |v_ULTIMATE.start_l4_insert_~item~0#1.base_23| 0)) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (exists ((|v_#memory_int_BEFORE_CALL_58| (Array Int (Array Int Int)))) (and (= (select (select |v_#memory_int_BEFORE_CALL_58| 1) 1) 0) (= (select (select |v_#memory_int_BEFORE_CALL_58| 1) 0) 48))) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_58| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_58| 3) 0) 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_79| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_107| Int)) (and (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_107|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_79| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_107| 4294967296)))) (= |ULTIMATE.start_l4_insert_~list#1.base| |ULTIMATE.start_l3_insert_~item~1#1.base|) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (not (= |ULTIMATE.start_l4_insert_#t~ret7#1.base| 0)) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_58| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_58| 3) 0) 0)) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0)) (and (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_60| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_60| 3) 0) 0)) (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |v_ULTIMATE.start_l4_insert_~item~0#1.base_23| 0)) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_79| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_107| Int)) (and (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_107|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_79| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_107| 4294967296)))) (= |ULTIMATE.start_l4_insert_~list#1.base| |ULTIMATE.start_l3_insert_~item~1#1.base|) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (not (= |ULTIMATE.start_l4_insert_#t~ret7#1.base| 0)) (exists ((|v_#memory_int_BEFORE_CALL_60| (Array Int (Array Int Int)))) (and (= 48 (select (select |v_#memory_int_BEFORE_CALL_60| 1) 0)) (= (select (select |v_#memory_int_BEFORE_CALL_60| 1) 1) 0))) (exists ((|v_#length_BEFORE_CALL_62| (Array Int Int))) (and (= 4 (select |v_#length_BEFORE_CALL_62| 3)) (= (select |v_#length_BEFORE_CALL_62| 1) 2) (= (select |v_#length_BEFORE_CALL_62| 2) 14))) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_60| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_60| 3) 0) 0)) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0))))) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0))' at error location [2024-11-09 06:58:36,589 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 06:58:36,589 INFO L185 FreeRefinementEngine]: Found 0 perfect and 1 imperfect interpolant sequences. [2024-11-09 06:58:36,589 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10] total 10 [2024-11-09 06:58:36,590 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1767869216] [2024-11-09 06:58:36,590 INFO L85 oduleStraightlineAll]: Using 1 imperfect interpolants to construct interpolant automaton [2024-11-09 06:58:36,590 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2024-11-09 06:58:36,591 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:58:36,591 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2024-11-09 06:58:36,592 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=152, Invalid=973, Unknown=1, NotChecked=64, Total=1190 [2024-11-09 06:58:36,593 INFO L87 Difference]: Start difference. First operand 198 states and 247 transitions. Second operand has 11 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-09 06:58:37,464 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:58:37,464 INFO L93 Difference]: Finished difference Result 196 states and 243 transitions. [2024-11-09 06:58:37,465 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-09 06:58:37,465 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 54 [2024-11-09 06:58:37,466 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:58:37,467 INFO L225 Difference]: With dead ends: 196 [2024-11-09 06:58:37,467 INFO L226 Difference]: Without dead ends: 196 [2024-11-09 06:58:37,468 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 112 GetRequests, 70 SyntacticMatches, 6 SemanticMatches, 36 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 304 ImplicationChecksByTransitivity, 7.6s TimeCoverageRelationStatistics Valid=165, Invalid=1170, Unknown=1, NotChecked=70, Total=1406 [2024-11-09 06:58:37,469 INFO L432 NwaCegarLoop]: 119 mSDtfsCounter, 17 mSDsluCounter, 398 mSDsCounter, 0 mSdLazyCounter, 574 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 17 SdHoareTripleChecker+Valid, 517 SdHoareTripleChecker+Invalid, 736 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 574 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 154 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-09 06:58:37,470 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [17 Valid, 517 Invalid, 736 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 574 Invalid, 0 Unknown, 154 Unchecked, 0.6s Time] [2024-11-09 06:58:37,471 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 196 states. [2024-11-09 06:58:37,487 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 196 to 196. [2024-11-09 06:58:37,487 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 196 states, 115 states have (on average 1.9043478260869566) internal successors, (219), 179 states have internal predecessors, (219), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-09 06:58:37,492 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 196 states to 196 states and 243 transitions. [2024-11-09 06:58:37,496 INFO L78 Accepts]: Start accepts. Automaton has 196 states and 243 transitions. Word has length 54 [2024-11-09 06:58:37,497 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:58:37,497 INFO L471 AbstractCegarLoop]: Abstraction has 196 states and 243 transitions. [2024-11-09 06:58:37,497 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-09 06:58:37,497 INFO L276 IsEmpty]: Start isEmpty. Operand 196 states and 243 transitions. [2024-11-09 06:58:37,499 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-09 06:58:37,499 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:58:37,500 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:58:37,535 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2024-11-09 06:58:37,704 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:37,704 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 06:58:37,705 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:58:37,705 INFO L85 PathProgramCache]: Analyzing trace with hash -1195741145, now seen corresponding path program 1 times [2024-11-09 06:58:37,705 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:58:37,705 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1909463984] [2024-11-09 06:58:37,705 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:37,706 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:58:37,800 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:38,838 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 77 proven. 15 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2024-11-09 06:58:38,839 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:58:38,839 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1909463984] [2024-11-09 06:58:38,839 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1909463984] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:58:38,839 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1785136986] [2024-11-09 06:58:38,840 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:38,840 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:38,840 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:58:38,842 INFO L229 MonitoredProcess]: Starting monitored process 7 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:58:38,844 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2024-11-09 06:58:39,123 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:39,127 INFO L255 TraceCheckSpWp]: Trace formula consists of 581 conjuncts, 29 conjuncts are in the unsatisfiable core [2024-11-09 06:58:39,131 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:58:39,220 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|)) is different from true [2024-11-09 06:58:39,247 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2024-11-09 06:58:39,247 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2024-11-09 06:58:39,304 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2024-11-09 06:58:39,305 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2024-11-09 06:58:39,323 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 71 proven. 2 refuted. 0 times theorem prover too weak. 41 trivial. 12 not checked. [2024-11-09 06:58:39,324 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:58:39,766 INFO L349 Elim1Store]: treesize reduction 5, result has 37.5 percent of original size [2024-11-09 06:58:39,766 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 11 [2024-11-09 06:58:39,791 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 71 proven. 14 refuted. 0 times theorem prover too weak. 41 trivial. 0 not checked. [2024-11-09 06:58:39,792 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1785136986] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 06:58:39,792 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [163845413] [2024-11-09 06:58:39,795 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 06:58:39,796 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:58:39,796 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:58:39,797 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:58:39,797 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:58:41,166 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 06:58:41,429 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 06:58:46,672 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '3984#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (exists ((|v_ULTIMATE.start_l4_insert_~list#1.base_16| Int)) (not (= (select |#valid| |v_ULTIMATE.start_l4_insert_~list#1.base_16|) 1))) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_102| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_111| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_144| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_93| Int)) (and (= 0 |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_93|) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_144|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_102| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_144| 4294967296)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0) (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_111| 0))) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (exists ((|v_#memory_$Pointer$.offset_207| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_207| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_207| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (exists ((|v_#memory_$Pointer$.base_207| (Array Int (Array Int Int)))) (= (store |v_#memory_$Pointer$.base_207| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_207| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))) |#memory_$Pointer$.base|)) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (exists ((|v_#memory_int_172| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_172| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_172| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))))' at error location [2024-11-09 06:58:46,673 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 06:58:46,673 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 06:58:46,673 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 10, 9] total 19 [2024-11-09 06:58:46,674 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [25873572] [2024-11-09 06:58:46,674 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 06:58:46,674 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2024-11-09 06:58:46,675 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:58:46,676 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2024-11-09 06:58:46,676 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=120, Invalid=1214, Unknown=2, NotChecked=70, Total=1406 [2024-11-09 06:58:46,677 INFO L87 Difference]: Start difference. First operand 196 states and 243 transitions. Second operand has 20 states, 16 states have (on average 3.0625) internal successors, (49), 17 states have internal predecessors, (49), 3 states have call successors, (9), 3 states have call predecessors, (9), 6 states have return successors, (10), 5 states have call predecessors, (10), 3 states have call successors, (10) [2024-11-09 06:58:47,888 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:58:47,888 INFO L93 Difference]: Finished difference Result 193 states and 237 transitions. [2024-11-09 06:58:47,888 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-09 06:58:47,889 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 16 states have (on average 3.0625) internal successors, (49), 17 states have internal predecessors, (49), 3 states have call successors, (9), 3 states have call predecessors, (9), 6 states have return successors, (10), 5 states have call predecessors, (10), 3 states have call successors, (10) Word has length 55 [2024-11-09 06:58:47,889 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:58:47,892 INFO L225 Difference]: With dead ends: 193 [2024-11-09 06:58:47,892 INFO L226 Difference]: Without dead ends: 193 [2024-11-09 06:58:47,893 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 184 GetRequests, 131 SyntacticMatches, 14 SemanticMatches, 39 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 504 ImplicationChecksByTransitivity, 5.8s TimeCoverageRelationStatistics Valid=144, Invalid=1418, Unknown=2, NotChecked=76, Total=1640 [2024-11-09 06:58:47,894 INFO L432 NwaCegarLoop]: 117 mSDtfsCounter, 27 mSDsluCounter, 1098 mSDsCounter, 0 mSdLazyCounter, 1013 mSolverCounterSat, 25 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 27 SdHoareTripleChecker+Valid, 1215 SdHoareTripleChecker+Invalid, 1190 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 25 IncrementalHoareTripleChecker+Valid, 1013 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 152 IncrementalHoareTripleChecker+Unchecked, 1.1s IncrementalHoareTripleChecker+Time [2024-11-09 06:58:47,894 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [27 Valid, 1215 Invalid, 1190 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [25 Valid, 1013 Invalid, 0 Unknown, 152 Unchecked, 1.1s Time] [2024-11-09 06:58:47,897 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 193 states. [2024-11-09 06:58:47,938 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 193 to 193. [2024-11-09 06:58:47,939 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 193 states, 115 states have (on average 1.8521739130434782) internal successors, (213), 176 states have internal predecessors, (213), 12 states have call successors, (12), 4 states have call predecessors, (12), 4 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-09 06:58:47,942 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 193 states to 193 states and 237 transitions. [2024-11-09 06:58:47,942 INFO L78 Accepts]: Start accepts. Automaton has 193 states and 237 transitions. Word has length 55 [2024-11-09 06:58:47,942 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:58:47,943 INFO L471 AbstractCegarLoop]: Abstraction has 193 states and 237 transitions. [2024-11-09 06:58:47,944 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 16 states have (on average 3.0625) internal successors, (49), 17 states have internal predecessors, (49), 3 states have call successors, (9), 3 states have call predecessors, (9), 6 states have return successors, (10), 5 states have call predecessors, (10), 3 states have call successors, (10) [2024-11-09 06:58:47,944 INFO L276 IsEmpty]: Start isEmpty. Operand 193 states and 237 transitions. [2024-11-09 06:58:47,945 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-09 06:58:47,949 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:58:47,949 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:58:47,984 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2024-11-09 06:58:48,150 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,7 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:48,150 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 06:58:48,151 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:58:48,152 INFO L85 PathProgramCache]: Analyzing trace with hash -1195741144, now seen corresponding path program 1 times [2024-11-09 06:58:48,152 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:58:48,152 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1326844871] [2024-11-09 06:58:48,152 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:48,152 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:58:48,375 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:49,823 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 61 proven. 8 refuted. 0 times theorem prover too weak. 57 trivial. 0 not checked. [2024-11-09 06:58:49,824 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:58:49,824 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1326844871] [2024-11-09 06:58:49,824 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1326844871] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:58:49,825 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [38014600] [2024-11-09 06:58:49,825 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:58:49,825 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:58:49,825 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:58:49,827 INFO L229 MonitoredProcess]: Starting monitored process 8 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:58:49,830 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2024-11-09 06:58:50,270 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:58:50,276 INFO L255 TraceCheckSpWp]: Trace formula consists of 581 conjuncts, 42 conjuncts are in the unsatisfiable core [2024-11-09 06:58:50,281 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:58:50,335 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 06:58:53,268 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 06:58:53,320 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 06:58:53,321 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2024-11-09 06:58:53,407 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 06:58:53,407 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 06:58:53,497 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 58 proven. 9 refuted. 0 times theorem prover too weak. 50 trivial. 9 not checked. [2024-11-09 06:58:53,497 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:58:53,689 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [38014600] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:58:53,689 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1369265154] [2024-11-09 06:58:53,697 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 06:58:53,698 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:58:53,698 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:58:53,699 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:58:53,699 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:58:56,636 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 06:58:56,873 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 06:59:24,798 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4590#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l4_insert_~item~0#1.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (exists ((|v_#memory_$Pointer$.base_218| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_218| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_218| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (exists ((|v_#memory_$Pointer$.offset_218| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_218| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_218| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 0)))) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_ULTIMATE.start_l4_insert_~list#1.base_17| Int)) (and (or (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_112| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_162| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_112| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_162| 4294967296)) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_162|))) (exists ((|v_#length_BEFORE_CALL_122| (Array Int Int))) (and (= 14 (select |v_#length_BEFORE_CALL_122| 2)) (= 4 (select |v_#length_BEFORE_CALL_122| 3)) (= 2 (select |v_#length_BEFORE_CALL_122| 1)))) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (exists ((|v_#memory_int_BEFORE_CALL_118| (Array Int (Array Int Int)))) (and (= (select (select |v_#memory_int_BEFORE_CALL_118| 1) 1) 0) (= (select (select |v_#memory_int_BEFORE_CALL_118| 1) 0) 48))) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_old(#memory_$Pointer$.base)_AFTER_CALL_82| (Array Int (Array Int Int)))) (= (select (select |v_old(#memory_$Pointer$.base)_AFTER_CALL_82| 3) 0) 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_118| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_118| 3) 0) 0)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_17|)) (and (exists ((|v_#length_BEFORE_CALL_124| (Array Int Int))) (and (= 14 (select |v_#length_BEFORE_CALL_124| 2)) (= (select |v_#length_BEFORE_CALL_124| 1) 2) (= (select |v_#length_BEFORE_CALL_124| 3) 4))) (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_112| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_162| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_112| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_162| 4294967296)) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_162|))) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (exists ((|v_#memory_int_BEFORE_CALL_120| (Array Int (Array Int Int)))) (and (= (select (select |v_#memory_int_BEFORE_CALL_120| 1) 1) 0) (= (select (select |v_#memory_int_BEFORE_CALL_120| 1) 0) 48))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_120| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_120| 3) 0) 0)) (exists ((|v_old(#memory_$Pointer$.base)_AFTER_CALL_83| (Array Int (Array Int Int)))) (= (select (select |v_old(#memory_$Pointer$.base)_AFTER_CALL_83| 3) 0) 0)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_17|))) (<= (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_17|) 3))) (<= 8 (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= |ULTIMATE.start_l3_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (exists ((|v_#memory_int_183| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_183| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_183| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0))' at error location [2024-11-09 06:59:24,798 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 06:59:24,798 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 06:59:24,798 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 13] total 22 [2024-11-09 06:59:24,799 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [175348011] [2024-11-09 06:59:24,799 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 06:59:24,799 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 22 states [2024-11-09 06:59:24,799 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:59:24,800 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 22 interpolants. [2024-11-09 06:59:24,800 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=200, Invalid=1873, Unknown=1, NotChecked=88, Total=2162 [2024-11-09 06:59:24,801 INFO L87 Difference]: Start difference. First operand 193 states and 237 transitions. Second operand has 22 states, 17 states have (on average 2.4705882352941178) internal successors, (42), 17 states have internal predecessors, (42), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 06:59:26,831 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 06:59:28,892 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:59:28,893 INFO L93 Difference]: Finished difference Result 207 states and 265 transitions. [2024-11-09 06:59:28,893 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-09 06:59:28,893 INFO L78 Accepts]: Start accepts. Automaton has has 22 states, 17 states have (on average 2.4705882352941178) internal successors, (42), 17 states have internal predecessors, (42), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) Word has length 55 [2024-11-09 06:59:28,894 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:59:28,896 INFO L225 Difference]: With dead ends: 207 [2024-11-09 06:59:28,897 INFO L226 Difference]: Without dead ends: 203 [2024-11-09 06:59:28,901 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 131 GetRequests, 75 SyntacticMatches, 6 SemanticMatches, 50 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 779 ImplicationChecksByTransitivity, 31.4s TimeCoverageRelationStatistics Valid=242, Invalid=2311, Unknown=1, NotChecked=98, Total=2652 [2024-11-09 06:59:28,903 INFO L432 NwaCegarLoop]: 126 mSDtfsCounter, 12 mSDsluCounter, 805 mSDsCounter, 0 mSdLazyCounter, 939 mSolverCounterSat, 12 mSolverCounterUnsat, 1 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 3.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 12 SdHoareTripleChecker+Valid, 931 SdHoareTripleChecker+Invalid, 1113 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 939 IncrementalHoareTripleChecker+Invalid, 1 IncrementalHoareTripleChecker+Unknown, 161 IncrementalHoareTripleChecker+Unchecked, 3.6s IncrementalHoareTripleChecker+Time [2024-11-09 06:59:28,903 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [12 Valid, 931 Invalid, 1113 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 939 Invalid, 1 Unknown, 161 Unchecked, 3.6s Time] [2024-11-09 06:59:28,905 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 203 states. [2024-11-09 06:59:28,915 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 203 to 199. [2024-11-09 06:59:28,916 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 199 states, 118 states have (on average 1.847457627118644) internal successors, (218), 181 states have internal predecessors, (218), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2024-11-09 06:59:28,919 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 199 states to 199 states and 252 transitions. [2024-11-09 06:59:28,920 INFO L78 Accepts]: Start accepts. Automaton has 199 states and 252 transitions. Word has length 55 [2024-11-09 06:59:28,920 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:59:28,921 INFO L471 AbstractCegarLoop]: Abstraction has 199 states and 252 transitions. [2024-11-09 06:59:28,921 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 22 states, 17 states have (on average 2.4705882352941178) internal successors, (42), 17 states have internal predecessors, (42), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 06:59:28,922 INFO L276 IsEmpty]: Start isEmpty. Operand 199 states and 252 transitions. [2024-11-09 06:59:28,922 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-09 06:59:28,924 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:59:28,924 INFO L215 NwaCegarLoop]: trace histogram [7, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:59:28,948 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Ended with exit code 0 [2024-11-09 06:59:29,128 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,8 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:59:29,129 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 06:59:29,129 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:59:29,130 INFO L85 PathProgramCache]: Analyzing trace with hash -1392117606, now seen corresponding path program 2 times [2024-11-09 06:59:29,130 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:59:29,130 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1732086216] [2024-11-09 06:59:29,130 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:59:29,130 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:59:29,226 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:59:30,663 INFO L134 CoverageAnalysis]: Checked inductivity of 138 backedges. 69 proven. 12 refuted. 0 times theorem prover too weak. 57 trivial. 0 not checked. [2024-11-09 06:59:30,663 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:59:30,663 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1732086216] [2024-11-09 06:59:30,664 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1732086216] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:59:30,664 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [717554621] [2024-11-09 06:59:30,664 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2024-11-09 06:59:30,664 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:59:30,664 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:59:30,666 INFO L229 MonitoredProcess]: Starting monitored process 9 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:59:30,671 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Waiting until timeout for monitored process [2024-11-09 06:59:30,878 INFO L227 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2024-11-09 06:59:30,878 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-09 06:59:30,880 INFO L255 TraceCheckSpWp]: Trace formula consists of 202 conjuncts, 19 conjuncts are in the unsatisfiable core [2024-11-09 06:59:30,884 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:59:30,918 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2024-11-09 06:59:31,243 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 15 treesize of output 11 [2024-11-09 06:59:31,526 INFO L134 CoverageAnalysis]: Checked inductivity of 138 backedges. 37 proven. 1 refuted. 0 times theorem prover too weak. 100 trivial. 0 not checked. [2024-11-09 06:59:31,526 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:59:32,132 INFO L134 CoverageAnalysis]: Checked inductivity of 138 backedges. 37 proven. 1 refuted. 0 times theorem prover too weak. 100 trivial. 0 not checked. [2024-11-09 06:59:32,132 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [717554621] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 06:59:32,132 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [138248616] [2024-11-09 06:59:32,136 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 06:59:32,136 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:59:32,136 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:59:32,137 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:59:32,137 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:59:33,088 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 06:59:33,260 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 06:59:36,071 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '5381#(and (exists ((|v_#memory_$Pointer$.base_246| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_246| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_246| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (exists ((|v_#memory_int_211| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_211| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_211| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (exists ((|v_#memory_$Pointer$.offset_246| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_246| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_246| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_135| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_199| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_149| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_123| Int)) (and (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_123| 0) (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_149| 0) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_199|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_135| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_199| 4294967296)))) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))' at error location [2024-11-09 06:59:36,071 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 06:59:36,071 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 06:59:36,071 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 6, 6] total 21 [2024-11-09 06:59:36,072 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [391249134] [2024-11-09 06:59:36,072 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 06:59:36,072 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 21 states [2024-11-09 06:59:36,072 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:59:36,073 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2024-11-09 06:59:36,073 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=119, Invalid=1287, Unknown=0, NotChecked=0, Total=1406 [2024-11-09 06:59:36,073 INFO L87 Difference]: Start difference. First operand 199 states and 252 transitions. Second operand has 21 states, 16 states have (on average 2.5625) internal successors, (41), 18 states have internal predecessors, (41), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 06:59:41,034 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 1.33s for a HTC check with result INVALID. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 06:59:41,687 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:59:41,687 INFO L93 Difference]: Finished difference Result 219 states and 273 transitions. [2024-11-09 06:59:41,688 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2024-11-09 06:59:41,688 INFO L78 Accepts]: Start accepts. Automaton has has 21 states, 16 states have (on average 2.5625) internal successors, (41), 18 states have internal predecessors, (41), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) Word has length 56 [2024-11-09 06:59:41,688 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:59:41,690 INFO L225 Difference]: With dead ends: 219 [2024-11-09 06:59:41,690 INFO L226 Difference]: Without dead ends: 207 [2024-11-09 06:59:41,691 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 192 GetRequests, 137 SyntacticMatches, 6 SemanticMatches, 49 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 571 ImplicationChecksByTransitivity, 5.5s TimeCoverageRelationStatistics Valid=282, Invalid=2268, Unknown=0, NotChecked=0, Total=2550 [2024-11-09 06:59:41,691 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 31 mSDsluCounter, 958 mSDsCounter, 0 mSdLazyCounter, 952 mSolverCounterSat, 44 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 3.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 31 SdHoareTripleChecker+Valid, 1079 SdHoareTripleChecker+Invalid, 996 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 44 IncrementalHoareTripleChecker+Valid, 952 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 4.0s IncrementalHoareTripleChecker+Time [2024-11-09 06:59:41,692 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [31 Valid, 1079 Invalid, 996 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [44 Valid, 952 Invalid, 0 Unknown, 0 Unchecked, 4.0s Time] [2024-11-09 06:59:41,692 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 207 states. [2024-11-09 06:59:41,698 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 207 to 207. [2024-11-09 06:59:41,699 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 207 states, 126 states have (on average 1.7936507936507937) internal successors, (226), 189 states have internal predecessors, (226), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2024-11-09 06:59:41,700 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 207 states to 207 states and 260 transitions. [2024-11-09 06:59:41,700 INFO L78 Accepts]: Start accepts. Automaton has 207 states and 260 transitions. Word has length 56 [2024-11-09 06:59:41,700 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:59:41,701 INFO L471 AbstractCegarLoop]: Abstraction has 207 states and 260 transitions. [2024-11-09 06:59:41,701 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 21 states, 16 states have (on average 2.5625) internal successors, (41), 18 states have internal predecessors, (41), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 06:59:41,701 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 260 transitions. [2024-11-09 06:59:41,702 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2024-11-09 06:59:41,702 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:59:41,702 INFO L215 NwaCegarLoop]: trace histogram [15, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:59:41,720 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Forceful destruction successful, exit code 0 [2024-11-09 06:59:41,903 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-09 06:59:41,903 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 06:59:41,903 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:59:41,904 INFO L85 PathProgramCache]: Analyzing trace with hash -1588796586, now seen corresponding path program 3 times [2024-11-09 06:59:41,904 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:59:41,904 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1461237159] [2024-11-09 06:59:41,904 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:59:41,904 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:59:41,994 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:59:43,559 INFO L134 CoverageAnalysis]: Checked inductivity of 270 backedges. 137 proven. 29 refuted. 0 times theorem prover too weak. 104 trivial. 0 not checked. [2024-11-09 06:59:43,560 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:59:43,560 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1461237159] [2024-11-09 06:59:43,560 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1461237159] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:59:43,560 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [155858054] [2024-11-09 06:59:43,561 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2024-11-09 06:59:43,561 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:59:43,561 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:59:43,563 INFO L229 MonitoredProcess]: Starting monitored process 10 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:59:43,565 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (10)] Waiting until timeout for monitored process [2024-11-09 06:59:44,125 INFO L227 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2024-11-09 06:59:44,125 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-09 06:59:44,131 INFO L255 TraceCheckSpWp]: Trace formula consists of 716 conjuncts, 61 conjuncts are in the unsatisfiable core [2024-11-09 06:59:44,135 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:59:44,238 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 06:59:44,252 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2024-11-09 06:59:49,490 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_calloc_model_~ptr~0#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_calloc_model_~ptr~0#1.base| (select |c_#length| |zalloc_or_die_calloc_model_~ptr~0#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_calloc_model_~ptr~0#1.base|) 0))) is different from true [2024-11-09 06:59:49,825 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 06:59:49,826 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 9 [2024-11-09 06:59:49,840 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 06:59:49,840 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 06:59:49,891 INFO L134 CoverageAnalysis]: Checked inductivity of 270 backedges. 116 proven. 87 refuted. 0 times theorem prover too weak. 64 trivial. 3 not checked. [2024-11-09 06:59:49,891 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:59:50,133 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [155858054] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:59:50,133 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2111247734] [2024-11-09 06:59:50,135 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 06:59:50,135 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:59:50,135 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:59:50,135 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:59:50,135 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:59:51,957 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 06:59:52,094 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 07:00:10,360 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6082#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l4_insert_~item~0#1.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_#memory_int_225| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_225| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_225| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (<= 8 (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= |ULTIMATE.start_l3_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (exists ((|v_#memory_$Pointer$.offset_260| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_260| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_260| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 0)))) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (exists ((|v_#memory_$Pointer$.base_260| (Array Int (Array Int Int)))) (= (store |v_#memory_$Pointer$.base_260| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_260| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))) |#memory_$Pointer$.base|)) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0) (exists ((|v_ULTIMATE.start_l4_insert_~list#1.base_19| Int)) (and (<= (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_19|) 3) (or (and (exists ((|v_old(#memory_int)_AFTER_CALL_118| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_118| 1) 1) 0) (= (select (select |v_old(#memory_int)_AFTER_CALL_118| 1) 0) 48))) (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (exists ((|v_#length_BEFORE_CALL_184| (Array Int Int))) (and (= 2 (select |v_#length_BEFORE_CALL_184| 1)) (= (select |v_#length_BEFORE_CALL_184| 3) 4) (= (select |v_#length_BEFORE_CALL_184| 2) 14))) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_178| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_178| 3) 0) 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_19|) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_230| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_150| Int)) (and (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_230|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_150| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_230| 4294967296)))) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_178| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_178| 3) 0) 0))) (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_180| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_180| 3) 0) 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_19|) (exists ((|v_#length_BEFORE_CALL_186| (Array Int Int))) (and (= 4 (select |v_#length_BEFORE_CALL_186| 3)) (= 14 (select |v_#length_BEFORE_CALL_186| 2)) (= 2 (select |v_#length_BEFORE_CALL_186| 1)))) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (exists ((|v_old(#memory_int)_AFTER_CALL_119| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_119| 1) 1) 0) (= (select (select |v_old(#memory_int)_AFTER_CALL_119| 1) 0) 48))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_230| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_150| Int)) (and (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_230|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_150| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_230| 4294967296)))) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_180| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_180| 3) 0) 0)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)))))))' at error location [2024-11-09 07:00:10,360 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 07:00:10,360 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 07:00:10,360 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 21] total 32 [2024-11-09 07:00:10,361 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1894128503] [2024-11-09 07:00:10,361 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 07:00:10,361 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 32 states [2024-11-09 07:00:10,361 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 07:00:10,362 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 32 interpolants. [2024-11-09 07:00:10,363 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=232, Invalid=2849, Unknown=3, NotChecked=108, Total=3192 [2024-11-09 07:00:10,363 INFO L87 Difference]: Start difference. First operand 207 states and 260 transitions. Second operand has 32 states, 27 states have (on average 1.8888888888888888) internal successors, (51), 27 states have internal predecessors, (51), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 07:00:13,731 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 07:00:13,731 INFO L93 Difference]: Finished difference Result 225 states and 302 transitions. [2024-11-09 07:00:13,732 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2024-11-09 07:00:13,732 INFO L78 Accepts]: Start accepts. Automaton has has 32 states, 27 states have (on average 1.8888888888888888) internal successors, (51), 27 states have internal predecessors, (51), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) Word has length 64 [2024-11-09 07:00:13,732 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 07:00:13,736 INFO L225 Difference]: With dead ends: 225 [2024-11-09 07:00:13,736 INFO L226 Difference]: Without dead ends: 221 [2024-11-09 07:00:13,737 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 154 GetRequests, 83 SyntacticMatches, 7 SemanticMatches, 64 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 1343 ImplicationChecksByTransitivity, 25.4s TimeCoverageRelationStatistics Valid=317, Invalid=3844, Unknown=3, NotChecked=126, Total=4290 [2024-11-09 07:00:13,738 INFO L432 NwaCegarLoop]: 135 mSDtfsCounter, 9 mSDsluCounter, 1740 mSDsCounter, 0 mSdLazyCounter, 2007 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 9 SdHoareTripleChecker+Valid, 1875 SdHoareTripleChecker+Invalid, 2198 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 2007 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 183 IncrementalHoareTripleChecker+Unchecked, 2.1s IncrementalHoareTripleChecker+Time [2024-11-09 07:00:13,738 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [9 Valid, 1875 Invalid, 2198 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 2007 Invalid, 0 Unknown, 183 Unchecked, 2.1s Time] [2024-11-09 07:00:13,739 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 221 states. [2024-11-09 07:00:13,757 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 221 to 209. [2024-11-09 07:00:13,759 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 209 states, 128 states have (on average 1.796875) internal successors, (230), 191 states have internal predecessors, (230), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2024-11-09 07:00:13,761 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 209 states to 209 states and 264 transitions. [2024-11-09 07:00:13,761 INFO L78 Accepts]: Start accepts. Automaton has 209 states and 264 transitions. Word has length 64 [2024-11-09 07:00:13,762 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 07:00:13,762 INFO L471 AbstractCegarLoop]: Abstraction has 209 states and 264 transitions. [2024-11-09 07:00:13,763 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 32 states, 27 states have (on average 1.8888888888888888) internal successors, (51), 27 states have internal predecessors, (51), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 07:00:13,763 INFO L276 IsEmpty]: Start isEmpty. Operand 209 states and 264 transitions. [2024-11-09 07:00:13,764 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2024-11-09 07:00:13,767 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 07:00:13,767 INFO L215 NwaCegarLoop]: trace histogram [16, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 07:00:13,793 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (10)] Ended with exit code 0 [2024-11-09 07:00:13,968 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,10 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 07:00:13,968 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 07:00:13,969 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 07:00:13,969 INFO L85 PathProgramCache]: Analyzing trace with hash 1752440276, now seen corresponding path program 4 times [2024-11-09 07:00:13,969 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 07:00:13,969 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1621808502] [2024-11-09 07:00:13,969 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 07:00:13,969 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 07:00:14,074 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 07:00:15,430 INFO L134 CoverageAnalysis]: Checked inductivity of 291 backedges. 149 proven. 38 refuted. 0 times theorem prover too weak. 104 trivial. 0 not checked. [2024-11-09 07:00:15,431 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 07:00:15,431 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1621808502] [2024-11-09 07:00:15,431 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1621808502] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 07:00:15,431 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [511454440] [2024-11-09 07:00:15,431 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2024-11-09 07:00:15,431 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 07:00:15,432 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 07:00:15,434 INFO L229 MonitoredProcess]: Starting monitored process 11 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 07:00:15,436 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (11)] Waiting until timeout for monitored process [2024-11-09 07:00:15,956 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 07:00:15,961 INFO L255 TraceCheckSpWp]: Trace formula consists of 731 conjuncts, 44 conjuncts are in the unsatisfiable core [2024-11-09 07:00:15,965 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 07:00:15,979 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 07:00:18,842 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 07:00:18,901 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 07:00:18,902 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2024-11-09 07:00:18,924 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 07:00:18,924 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 07:00:19,005 INFO L134 CoverageAnalysis]: Checked inductivity of 291 backedges. 149 proven. 10 refuted. 0 times theorem prover too weak. 104 trivial. 28 not checked. [2024-11-09 07:00:19,005 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 07:00:19,121 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [511454440] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 07:00:19,121 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [258178999] [2024-11-09 07:00:19,123 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 07:00:19,123 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 07:00:19,123 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 07:00:19,123 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 07:00:19,123 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 07:00:19,796 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 07:00:19,920 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 07:00:40,937 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6788#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (exists ((|v_#memory_$Pointer$.offset_274| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_274| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_274| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#value#1_165| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_156| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_137| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_249| Int)) (and (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_165| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0) (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_137| 0) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_249|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_156| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_249| 4294967296)))) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_#memory_$Pointer$.base_274| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_274| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_274| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (exists ((|v_#memory_int_239| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_239| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_239| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))))' at error location [2024-11-09 07:00:40,938 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 07:00:40,938 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 07:00:40,938 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 15] total 27 [2024-11-09 07:00:40,938 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [296226258] [2024-11-09 07:00:40,938 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 07:00:40,939 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 27 states [2024-11-09 07:00:40,939 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 07:00:40,939 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2024-11-09 07:00:40,940 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=155, Invalid=1827, Unknown=2, NotChecked=86, Total=2070 [2024-11-09 07:00:40,940 INFO L87 Difference]: Start difference. First operand 209 states and 264 transitions. Second operand has 27 states, 22 states have (on average 2.090909090909091) internal successors, (46), 22 states have internal predecessors, (46), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 07:00:42,964 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:00:45,908 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 07:00:45,909 INFO L93 Difference]: Finished difference Result 223 states and 292 transitions. [2024-11-09 07:00:45,909 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2024-11-09 07:00:45,910 INFO L78 Accepts]: Start accepts. Automaton has has 27 states, 22 states have (on average 2.090909090909091) internal successors, (46), 22 states have internal predecessors, (46), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) Word has length 65 [2024-11-09 07:00:45,910 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 07:00:45,911 INFO L225 Difference]: With dead ends: 223 [2024-11-09 07:00:45,912 INFO L226 Difference]: Without dead ends: 219 [2024-11-09 07:00:45,912 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 156 GetRequests, 97 SyntacticMatches, 7 SemanticMatches, 52 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 886 ImplicationChecksByTransitivity, 24.7s TimeCoverageRelationStatistics Valid=232, Invalid=2526, Unknown=2, NotChecked=102, Total=2862 [2024-11-09 07:00:45,913 INFO L432 NwaCegarLoop]: 126 mSDtfsCounter, 11 mSDsluCounter, 1031 mSDsCounter, 0 mSdLazyCounter, 1410 mSolverCounterSat, 14 mSolverCounterUnsat, 1 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 4.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 11 SdHoareTripleChecker+Valid, 1157 SdHoareTripleChecker+Invalid, 1586 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 1410 IncrementalHoareTripleChecker+Invalid, 1 IncrementalHoareTripleChecker+Unknown, 161 IncrementalHoareTripleChecker+Unchecked, 4.3s IncrementalHoareTripleChecker+Time [2024-11-09 07:00:45,913 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [11 Valid, 1157 Invalid, 1586 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 1410 Invalid, 1 Unknown, 161 Unchecked, 4.3s Time] [2024-11-09 07:00:45,914 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 219 states. [2024-11-09 07:00:45,921 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 219 to 211. [2024-11-09 07:00:45,921 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 211 states, 130 states have (on average 1.8) internal successors, (234), 193 states have internal predecessors, (234), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2024-11-09 07:00:45,922 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 211 states to 211 states and 268 transitions. [2024-11-09 07:00:45,923 INFO L78 Accepts]: Start accepts. Automaton has 211 states and 268 transitions. Word has length 65 [2024-11-09 07:00:45,923 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 07:00:45,923 INFO L471 AbstractCegarLoop]: Abstraction has 211 states and 268 transitions. [2024-11-09 07:00:45,923 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 27 states, 22 states have (on average 2.090909090909091) internal successors, (46), 22 states have internal predecessors, (46), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 07:00:45,923 INFO L276 IsEmpty]: Start isEmpty. Operand 211 states and 268 transitions. [2024-11-09 07:00:45,924 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2024-11-09 07:00:45,924 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 07:00:45,924 INFO L215 NwaCegarLoop]: trace histogram [17, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 07:00:45,946 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (11)] Forceful destruction successful, exit code 0 [2024-11-09 07:00:46,128 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,11 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 07:00:46,129 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 07:00:46,129 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 07:00:46,129 INFO L85 PathProgramCache]: Analyzing trace with hash -2043399402, now seen corresponding path program 5 times [2024-11-09 07:00:46,129 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 07:00:46,129 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [87474708] [2024-11-09 07:00:46,129 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 07:00:46,130 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 07:00:46,221 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 07:00:47,691 INFO L134 CoverageAnalysis]: Checked inductivity of 313 backedges. 161 proven. 48 refuted. 0 times theorem prover too weak. 104 trivial. 0 not checked. [2024-11-09 07:00:47,691 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 07:00:47,691 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [87474708] [2024-11-09 07:00:47,692 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [87474708] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 07:00:47,692 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [350246049] [2024-11-09 07:00:47,692 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2024-11-09 07:00:47,692 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 07:00:47,692 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 07:00:47,694 INFO L229 MonitoredProcess]: Starting monitored process 12 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 07:00:47,696 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (12)] Waiting until timeout for monitored process [2024-11-09 07:00:48,299 INFO L227 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 3 check-sat command(s) [2024-11-09 07:00:48,299 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-09 07:00:48,302 INFO L255 TraceCheckSpWp]: Trace formula consists of 353 conjuncts, 35 conjuncts are in the unsatisfiable core [2024-11-09 07:00:48,305 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 07:00:48,320 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2024-11-09 07:00:48,383 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-09 07:00:48,752 INFO L134 CoverageAnalysis]: Checked inductivity of 313 backedges. 105 proven. 10 refuted. 0 times theorem prover too weak. 198 trivial. 0 not checked. [2024-11-09 07:00:48,752 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 07:00:49,321 INFO L134 CoverageAnalysis]: Checked inductivity of 313 backedges. 105 proven. 10 refuted. 0 times theorem prover too weak. 198 trivial. 0 not checked. [2024-11-09 07:00:49,321 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [350246049] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 07:00:49,321 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [714085326] [2024-11-09 07:00:49,324 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 07:00:49,324 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 07:00:49,324 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 07:00:49,325 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 07:00:49,325 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 07:00:49,885 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 07:00:50,038 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 07:00:53,132 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '7676#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (exists ((|v_#memory_$Pointer$.base_315| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_315| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_315| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_#memory_int_280| (Array Int (Array Int Int)))) (= (store |v_#memory_int_280| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_280| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))) |#memory_int|)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (exists ((|v_#memory_$Pointer$.offset_315| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_315| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_315| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#value#1_197| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_183| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_306| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_162| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_183| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_306| 4294967296)) (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_162| 0) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_306|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0) (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_197| 0))))' at error location [2024-11-09 07:00:53,132 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 07:00:53,133 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 07:00:53,133 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 9, 9] total 30 [2024-11-09 07:00:53,133 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1788801608] [2024-11-09 07:00:53,133 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 07:00:53,133 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 30 states [2024-11-09 07:00:53,133 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 07:00:53,134 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2024-11-09 07:00:53,135 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=173, Invalid=1989, Unknown=0, NotChecked=0, Total=2162 [2024-11-09 07:00:53,135 INFO L87 Difference]: Start difference. First operand 211 states and 268 transitions. Second operand has 30 states, 25 states have (on average 2.0) internal successors, (50), 27 states have internal predecessors, (50), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 07:00:56,467 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 07:00:56,467 INFO L93 Difference]: Finished difference Result 237 states and 301 transitions. [2024-11-09 07:00:56,467 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2024-11-09 07:00:56,467 INFO L78 Accepts]: Start accepts. Automaton has has 30 states, 25 states have (on average 2.0) internal successors, (50), 27 states have internal predecessors, (50), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) Word has length 66 [2024-11-09 07:00:56,468 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 07:00:56,469 INFO L225 Difference]: With dead ends: 237 [2024-11-09 07:00:56,469 INFO L226 Difference]: Without dead ends: 225 [2024-11-09 07:00:56,470 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 235 GetRequests, 161 SyntacticMatches, 6 SemanticMatches, 68 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1125 ImplicationChecksByTransitivity, 6.3s TimeCoverageRelationStatistics Valid=589, Invalid=4241, Unknown=0, NotChecked=0, Total=4830 [2024-11-09 07:00:56,471 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 50 mSDsluCounter, 1731 mSDsCounter, 0 mSdLazyCounter, 1324 mSolverCounterSat, 22 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 50 SdHoareTripleChecker+Valid, 1852 SdHoareTripleChecker+Invalid, 1346 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 22 IncrementalHoareTripleChecker+Valid, 1324 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.2s IncrementalHoareTripleChecker+Time [2024-11-09 07:00:56,471 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [50 Valid, 1852 Invalid, 1346 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [22 Valid, 1324 Invalid, 0 Unknown, 0 Unchecked, 1.2s Time] [2024-11-09 07:00:56,472 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 225 states. [2024-11-09 07:00:56,478 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 225 to 225. [2024-11-09 07:00:56,478 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 225 states, 144 states have (on average 1.6944444444444444) internal successors, (244), 207 states have internal predecessors, (244), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2024-11-09 07:00:56,480 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 225 states to 225 states and 278 transitions. [2024-11-09 07:00:56,480 INFO L78 Accepts]: Start accepts. Automaton has 225 states and 278 transitions. Word has length 66 [2024-11-09 07:00:56,480 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 07:00:56,480 INFO L471 AbstractCegarLoop]: Abstraction has 225 states and 278 transitions. [2024-11-09 07:00:56,480 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 30 states, 25 states have (on average 2.0) internal successors, (50), 27 states have internal predecessors, (50), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 07:00:56,480 INFO L276 IsEmpty]: Start isEmpty. Operand 225 states and 278 transitions. [2024-11-09 07:00:56,481 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2024-11-09 07:00:56,481 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 07:00:56,481 INFO L215 NwaCegarLoop]: trace histogram [36, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 07:00:56,492 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (12)] Ended with exit code 0 [2024-11-09 07:00:56,682 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 12 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2024-11-09 07:00:56,682 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 07:00:56,683 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 07:00:56,683 INFO L85 PathProgramCache]: Analyzing trace with hash -1091209476, now seen corresponding path program 6 times [2024-11-09 07:00:56,683 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 07:00:56,683 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [585813506] [2024-11-09 07:00:56,683 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 07:00:56,683 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 07:00:56,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 07:00:58,917 INFO L134 CoverageAnalysis]: Checked inductivity of 921 backedges. 461 proven. 101 refuted. 0 times theorem prover too weak. 359 trivial. 0 not checked. [2024-11-09 07:00:58,917 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 07:00:58,918 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [585813506] [2024-11-09 07:00:58,918 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [585813506] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 07:00:58,918 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2128586564] [2024-11-09 07:00:58,918 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2024-11-09 07:00:58,918 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 07:00:58,918 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 07:00:58,920 INFO L229 MonitoredProcess]: Starting monitored process 13 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 07:00:58,923 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (13)] Waiting until timeout for monitored process [2024-11-09 07:00:59,984 INFO L227 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2024-11-09 07:00:59,985 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-09 07:00:59,992 INFO L255 TraceCheckSpWp]: Trace formula consists of 1031 conjuncts, 49 conjuncts are in the unsatisfiable core [2024-11-09 07:00:59,997 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 07:01:00,006 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 07:01:00,017 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2024-11-09 07:01:05,293 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 07:01:05,365 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 07:01:05,366 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2024-11-09 07:01:05,373 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 07:01:05,374 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 07:01:05,473 INFO L134 CoverageAnalysis]: Checked inductivity of 921 backedges. 461 proven. 21 refuted. 0 times theorem prover too weak. 359 trivial. 80 not checked. [2024-11-09 07:01:05,473 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 07:01:05,596 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2128586564] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 07:01:05,597 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1879720669] [2024-11-09 07:01:05,598 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 07:01:05,599 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 07:01:05,599 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 07:01:05,599 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 07:01:05,600 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 07:01:06,291 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 07:01:06,395 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 07:01:17,554 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '8494#(and (exists ((|v_#memory_$Pointer$.offset_336| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_336| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_336| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (exists ((|v_#memory_int_301| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_301| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_301| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (exists ((|v_#memory_$Pointer$.base_336| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_336| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_336| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_171| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_207| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_193| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_338| Int)) (and (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_171| 0) (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_207| 0) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_193| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_338| 4294967296)) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_338|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0))))' at error location [2024-11-09 07:01:17,554 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 07:01:17,554 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 07:01:17,554 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [17, 16] total 30 [2024-11-09 07:01:17,554 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1075851037] [2024-11-09 07:01:17,554 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 07:01:17,555 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 30 states [2024-11-09 07:01:17,555 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 07:01:17,555 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2024-11-09 07:01:17,556 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=151, Invalid=2105, Unknown=4, NotChecked=92, Total=2352 [2024-11-09 07:01:17,556 INFO L87 Difference]: Start difference. First operand 225 states and 278 transitions. Second operand has 30 states, 25 states have (on average 2.0) internal successors, (50), 25 states have internal predecessors, (50), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 07:01:20,297 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 07:01:20,297 INFO L93 Difference]: Finished difference Result 235 states and 298 transitions. [2024-11-09 07:01:20,297 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-11-09 07:01:20,298 INFO L78 Accepts]: Start accepts. Automaton has has 30 states, 25 states have (on average 2.0) internal successors, (50), 25 states have internal predecessors, (50), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) Word has length 85 [2024-11-09 07:01:20,298 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 07:01:20,299 INFO L225 Difference]: With dead ends: 235 [2024-11-09 07:01:20,300 INFO L226 Difference]: Without dead ends: 231 [2024-11-09 07:01:20,301 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 199 GetRequests, 136 SyntacticMatches, 6 SemanticMatches, 57 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 970 ImplicationChecksByTransitivity, 17.6s TimeCoverageRelationStatistics Valid=244, Invalid=3062, Unknown=4, NotChecked=112, Total=3422 [2024-11-09 07:01:20,301 INFO L432 NwaCegarLoop]: 126 mSDtfsCounter, 7 mSDsluCounter, 1087 mSDsCounter, 0 mSdLazyCounter, 1700 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 7 SdHoareTripleChecker+Valid, 1213 SdHoareTripleChecker+Invalid, 1873 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 1700 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 159 IncrementalHoareTripleChecker+Unchecked, 1.9s IncrementalHoareTripleChecker+Time [2024-11-09 07:01:20,302 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [7 Valid, 1213 Invalid, 1873 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 1700 Invalid, 0 Unknown, 159 Unchecked, 1.9s Time] [2024-11-09 07:01:20,302 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 231 states. [2024-11-09 07:01:20,308 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 231 to 227. [2024-11-09 07:01:20,309 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 227 states, 146 states have (on average 1.6986301369863013) internal successors, (248), 209 states have internal predecessors, (248), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2024-11-09 07:01:20,310 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 227 states to 227 states and 282 transitions. [2024-11-09 07:01:20,310 INFO L78 Accepts]: Start accepts. Automaton has 227 states and 282 transitions. Word has length 85 [2024-11-09 07:01:20,310 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 07:01:20,311 INFO L471 AbstractCegarLoop]: Abstraction has 227 states and 282 transitions. [2024-11-09 07:01:20,311 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 30 states, 25 states have (on average 2.0) internal successors, (50), 25 states have internal predecessors, (50), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 07:01:20,311 INFO L276 IsEmpty]: Start isEmpty. Operand 227 states and 282 transitions. [2024-11-09 07:01:20,312 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 87 [2024-11-09 07:01:20,312 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 07:01:20,312 INFO L215 NwaCegarLoop]: trace histogram [37, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 07:01:20,341 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (13)] Forceful destruction successful, exit code 0 [2024-11-09 07:01:20,516 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 13 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable13 [2024-11-09 07:01:20,517 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 07:01:20,517 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 07:01:20,517 INFO L85 PathProgramCache]: Analyzing trace with hash -2100396050, now seen corresponding path program 7 times [2024-11-09 07:01:20,517 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 07:01:20,517 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [825430054] [2024-11-09 07:01:20,518 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 07:01:20,518 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 07:01:20,669 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 07:01:22,941 INFO L134 CoverageAnalysis]: Checked inductivity of 963 backedges. 485 proven. 119 refuted. 0 times theorem prover too weak. 359 trivial. 0 not checked. [2024-11-09 07:01:22,941 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 07:01:22,941 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [825430054] [2024-11-09 07:01:22,941 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [825430054] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 07:01:22,941 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [367928228] [2024-11-09 07:01:22,941 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2024-11-09 07:01:22,941 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 07:01:22,942 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 07:01:22,942 INFO L229 MonitoredProcess]: Starting monitored process 14 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 07:01:22,944 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (14)] Waiting until timeout for monitored process [2024-11-09 07:01:24,229 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 07:01:24,236 INFO L255 TraceCheckSpWp]: Trace formula consists of 1046 conjuncts, 70 conjuncts are in the unsatisfiable core [2024-11-09 07:01:24,240 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 07:01:24,322 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 07:01:32,903 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|) (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 07:01:32,980 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 07:01:32,981 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2024-11-09 07:01:32,999 INFO L349 Elim1Store]: treesize reduction 18, result has 35.7 percent of original size [2024-11-09 07:01:32,999 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 17 treesize of output 21 [2024-11-09 07:01:33,211 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 07:01:33,306 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 07:01:33,307 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2024-11-09 07:01:33,433 INFO L349 Elim1Store]: treesize reduction 8, result has 52.9 percent of original size [2024-11-09 07:01:33,434 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 2 case distinctions, treesize of input 16 treesize of output 18 [2024-11-09 07:01:33,584 INFO L134 CoverageAnalysis]: Checked inductivity of 963 backedges. 413 proven. 78 refuted. 0 times theorem prover too weak. 205 trivial. 267 not checked. [2024-11-09 07:01:33,584 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 07:01:33,816 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [367928228] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 07:01:33,817 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [533829578] [2024-11-09 07:01:33,819 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 07:01:33,819 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 07:01:33,820 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 07:01:33,821 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 07:01:33,822 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 07:01:35,306 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 07:01:35,434 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 07:02:12,507 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '9296#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l4_insert_~item~0#1.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (exists ((|v_#memory_$Pointer$.base_356| (Array Int (Array Int Int)))) (= (store |v_#memory_$Pointer$.base_356| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_356| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))) |#memory_$Pointer$.base|)) (exists ((|v_#memory_$Pointer$.offset_356| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_356| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_356| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 0)))) (exists ((|v_#memory_int_321| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_321| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_321| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (<= 8 (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= |ULTIMATE.start_l3_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (exists ((|v_ULTIMATE.start_l4_insert_~list#1.base_23| Int)) (and (or (and (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_298| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_298| 3) 0) 0)) (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_298| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_298| 3) 0) 0)) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (exists ((|v_#length_BEFORE_CALL_312| (Array Int Int))) (and (= (select |v_#length_BEFORE_CALL_312| 1) 2) (= (select |v_#length_BEFORE_CALL_312| 2) 14) (= (select |v_#length_BEFORE_CALL_312| 3) 4))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_202| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_369| Int)) (and (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_369|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_202| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_369| 4294967296)))) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)) (exists ((|v_old(#memory_int)_AFTER_CALL_190| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_190| 1) 1) 0) (= (select (select |v_old(#memory_int)_AFTER_CALL_190| 1) 0) 48)))) (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_300| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_300| 3) 0) 0)) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (exists ((|v_old(#memory_int)_AFTER_CALL_191| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_191| 1) 1) 0) (= (select (select |v_old(#memory_int)_AFTER_CALL_191| 1) 0) 48))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_#length_BEFORE_CALL_314| (Array Int Int))) (and (= (select |v_#length_BEFORE_CALL_314| 2) 14) (= 2 (select |v_#length_BEFORE_CALL_314| 1)) (= (select |v_#length_BEFORE_CALL_314| 3) 4))) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_202| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_369| Int)) (and (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_369|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_202| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_369| 4294967296)))) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_300| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_300| 3) 0) 0)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)))) (<= (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_23|) 3))) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0))' at error location [2024-11-09 07:02:12,507 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 07:02:12,507 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 07:02:12,507 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 21] total 37 [2024-11-09 07:02:12,507 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [443519935] [2024-11-09 07:02:12,507 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 07:02:12,508 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 37 states [2024-11-09 07:02:12,508 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 07:02:12,509 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 37 interpolants. [2024-11-09 07:02:12,510 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=241, Invalid=3303, Unknown=4, NotChecked=234, Total=3782 [2024-11-09 07:02:12,510 INFO L87 Difference]: Start difference. First operand 227 states and 282 transitions. Second operand has 37 states, 32 states have (on average 1.9375) internal successors, (62), 33 states have internal predecessors, (62), 4 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 4 states have call successors, (9) [2024-11-09 07:02:14,559 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:02:16,283 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 1.10s for a HTC check with result INVALID. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:02:18,613 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:02:20,882 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.03s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:02:26,979 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 07:02:26,979 INFO L93 Difference]: Finished difference Result 235 states and 298 transitions. [2024-11-09 07:02:26,980 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-11-09 07:02:26,980 INFO L78 Accepts]: Start accepts. Automaton has has 37 states, 32 states have (on average 1.9375) internal successors, (62), 33 states have internal predecessors, (62), 4 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 4 states have call successors, (9) Word has length 86 [2024-11-09 07:02:26,980 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 07:02:26,981 INFO L225 Difference]: With dead ends: 235 [2024-11-09 07:02:26,981 INFO L226 Difference]: Without dead ends: 231 [2024-11-09 07:02:26,983 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 209 GetRequests, 126 SyntacticMatches, 7 SemanticMatches, 76 ConstructedPredicates, 2 IntricatePredicates, 0 DeprecatedPredicates, 1485 ImplicationChecksByTransitivity, 50.5s TimeCoverageRelationStatistics Valid=413, Invalid=5291, Unknown=4, NotChecked=298, Total=6006 [2024-11-09 07:02:26,983 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 56 mSDsluCounter, 1350 mSDsCounter, 0 mSdLazyCounter, 1735 mSolverCounterSat, 23 mSolverCounterUnsat, 3 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 9.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 56 SdHoareTripleChecker+Valid, 1464 SdHoareTripleChecker+Invalid, 2076 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 23 IncrementalHoareTripleChecker+Valid, 1735 IncrementalHoareTripleChecker+Invalid, 3 IncrementalHoareTripleChecker+Unknown, 315 IncrementalHoareTripleChecker+Unchecked, 10.2s IncrementalHoareTripleChecker+Time [2024-11-09 07:02:26,984 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [56 Valid, 1464 Invalid, 2076 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [23 Valid, 1735 Invalid, 3 Unknown, 315 Unchecked, 10.2s Time] [2024-11-09 07:02:26,984 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 231 states. [2024-11-09 07:02:26,990 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 231 to 227. [2024-11-09 07:02:26,991 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 227 states, 148 states have (on average 1.6756756756756757) internal successors, (248), 209 states have internal predecessors, (248), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2024-11-09 07:02:26,992 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 227 states to 227 states and 282 transitions. [2024-11-09 07:02:26,992 INFO L78 Accepts]: Start accepts. Automaton has 227 states and 282 transitions. Word has length 86 [2024-11-09 07:02:26,993 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 07:02:26,993 INFO L471 AbstractCegarLoop]: Abstraction has 227 states and 282 transitions. [2024-11-09 07:02:26,993 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 37 states, 32 states have (on average 1.9375) internal successors, (62), 33 states have internal predecessors, (62), 4 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 4 states have call successors, (9) [2024-11-09 07:02:26,993 INFO L276 IsEmpty]: Start isEmpty. Operand 227 states and 282 transitions. [2024-11-09 07:02:26,994 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2024-11-09 07:02:26,994 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 07:02:26,994 INFO L215 NwaCegarLoop]: trace histogram [38, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 07:02:27,021 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (14)] Ended with exit code 0 [2024-11-09 07:02:27,195 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 14 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable14 [2024-11-09 07:02:27,195 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting ULTIMATE.startErr8REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 07:02:27,196 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 07:02:27,196 INFO L85 PathProgramCache]: Analyzing trace with hash 1988830755, now seen corresponding path program 1 times [2024-11-09 07:02:27,196 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 07:02:27,196 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [457553969] [2024-11-09 07:02:27,196 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 07:02:27,196 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 07:02:27,314 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 07:02:29,093 INFO L134 CoverageAnalysis]: Checked inductivity of 1006 backedges. 586 proven. 167 refuted. 0 times theorem prover too weak. 253 trivial. 0 not checked. [2024-11-09 07:02:29,093 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 07:02:29,093 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [457553969] [2024-11-09 07:02:29,093 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [457553969] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 07:02:29,093 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [121755467] [2024-11-09 07:02:29,093 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 07:02:29,093 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 07:02:29,094 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 07:02:29,095 INFO L229 MonitoredProcess]: Starting monitored process 15 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 07:02:29,096 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (15)] Waiting until timeout for monitored process [2024-11-09 07:02:29,593 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 07:02:29,600 INFO L255 TraceCheckSpWp]: Trace formula consists of 1105 conjuncts, 40 conjuncts are in the unsatisfiable core [2024-11-09 07:02:29,603 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 07:02:29,666 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= |c_#valid| (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 07:02:29,735 INFO L349 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2024-11-09 07:02:29,736 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 16 [2024-11-09 07:02:29,808 WARN L851 $PredicateComparison]: unable to prove that (or (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |c_#valid| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= .cse0 |c_ULTIMATE.start_l4_insert_#t~ret6#1.base|)))) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)) is different from false [2024-11-09 07:02:29,811 WARN L873 $PredicateComparison]: unable to prove that (or (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |c_#valid| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= .cse0 |c_ULTIMATE.start_l4_insert_#t~ret6#1.base|)))) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)) is different from true [2024-11-09 07:02:29,828 WARN L851 $PredicateComparison]: unable to prove that (or (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |c_#valid| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| .cse0)))) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)) is different from false [2024-11-09 07:02:29,831 WARN L873 $PredicateComparison]: unable to prove that (or (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |c_#valid| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| .cse0)))) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)) is different from true [2024-11-09 07:02:29,883 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|)) is different from true [2024-11-09 07:02:29,955 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2024-11-09 07:02:29,956 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2024-11-09 07:02:29,970 WARN L851 $PredicateComparison]: unable to prove that (or (and (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1)) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)) (exists ((|v_#valid_BEFORE_CALL_355| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_355| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1)) (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |v_#valid_BEFORE_CALL_355|))) (and (= |v_#valid_BEFORE_CALL_355| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |v_#valid_BEFORE_CALL_355| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| .cse0))))))) is different from false [2024-11-09 07:02:29,973 WARN L873 $PredicateComparison]: unable to prove that (or (and (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1)) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)) (exists ((|v_#valid_BEFORE_CALL_355| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_355| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1)) (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |v_#valid_BEFORE_CALL_355|))) (and (= |v_#valid_BEFORE_CALL_355| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |v_#valid_BEFORE_CALL_355| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| .cse0))))))) is different from true [2024-11-09 07:02:30,002 WARN L851 $PredicateComparison]: unable to prove that (or (exists ((|v_#valid_BEFORE_CALL_355| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int) (|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |v_#valid_BEFORE_CALL_355|))) (and (= (select |c_#valid| .cse0) 1) (= |v_#valid_BEFORE_CALL_355| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |v_#valid_BEFORE_CALL_355| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_355| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1))))) (and (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1)) (exists ((|ULTIMATE.start_l4_insert_~item~0#1.base| Int)) (= (select |c_#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1)) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) is different from false [2024-11-09 07:02:30,006 WARN L873 $PredicateComparison]: unable to prove that (or (exists ((|v_#valid_BEFORE_CALL_355| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int) (|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |v_#valid_BEFORE_CALL_355|))) (and (= (select |c_#valid| .cse0) 1) (= |v_#valid_BEFORE_CALL_355| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |v_#valid_BEFORE_CALL_355| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_355| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1))))) (and (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1)) (exists ((|ULTIMATE.start_l4_insert_~item~0#1.base| Int)) (= (select |c_#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1)) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) is different from true [2024-11-09 07:02:30,126 INFO L134 CoverageAnalysis]: Checked inductivity of 1006 backedges. 417 proven. 59 refuted. 0 times theorem prover too weak. 196 trivial. 334 not checked. [2024-11-09 07:02:30,126 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 07:02:30,263 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [121755467] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 07:02:30,264 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [111284232] [2024-11-09 07:02:30,265 INFO L159 IcfgInterpreter]: Started Sifa with 29 locations of interest [2024-11-09 07:02:30,266 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 07:02:30,266 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 07:02:30,266 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 07:02:30,266 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 07:02:30,959 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 07:02:31,157 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 07:02:41,522 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '10133#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (exists ((|v_#memory_$Pointer$.offset_379| (Array Int (Array Int Int))) (|v_#memory_int_345| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l4_insert_~list#1.offset_21| Int) (|v_ULTIMATE.start_l4_insert_~list#1.base_24| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_185| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_389| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_207| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_223| Int) (|v_#memory_$Pointer$.base_379| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.base_378| (Array Int (Array Int Int))) (|v_#memory_int_344| (Array Int (Array Int Int))) (|v_#memory_int_343| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.offset_378| (Array Int (Array Int Int)))) (and (<= 0 |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (= (store |v_#memory_$Pointer$.base_378| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.base_378| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4) (select (select |v_#memory_$Pointer$.base_379| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4)))) |v_#memory_$Pointer$.base_379|) (<= 0 (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (= |v_#memory_$Pointer$.offset_379| (store |v_#memory_$Pointer$.offset_378| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.offset_378| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4) 0))) (= (select |#valid| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) 1) (<= (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) (= (store |v_#memory_int_343| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_int_343| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4) (select (select |v_#memory_int_344| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4)))) |v_#memory_int_344|) (= |#memory_$Pointer$.offset| (store (store |v_#memory_$Pointer$.offset_379| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.offset_379| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select (select |v_#memory_$Pointer$.offset_379| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24| (store (select (store |v_#memory_$Pointer$.offset_379| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.offset_379| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select (select |v_#memory_$Pointer$.offset_379| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21| (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)))) (<= (+ 4 |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_24|)) (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_185| 0) (= (store (store |v_#memory_$Pointer$.base_379| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.base_379| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select (select |v_#memory_$Pointer$.base_379| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24| (store (select (store |v_#memory_$Pointer$.base_379| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.base_379| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select (select |v_#memory_$Pointer$.base_379| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) |#memory_$Pointer$.base|) (= (store |v_#memory_int_344| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_int_344| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select (select |v_#memory_int_345| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)))) |v_#memory_int_345|) (= (select |#valid| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) 1) (not (= (select (select |v_#memory_$Pointer$.base_379| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4)) 0)) (= |#memory_int| (store |v_#memory_int_345| |v_ULTIMATE.start_l4_insert_~list#1.base_24| (store (select |v_#memory_int_345| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21| (select (select |#memory_int| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)))) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_389|) (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_223| 0) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_207| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_389| 4294967296)))) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_ULTIMATE.start_l3_insert_~list#1.base_15| Int)) (not (= (select |#valid| |v_ULTIMATE.start_l3_insert_~list#1.base_15|) 1))))' at error location [2024-11-09 07:02:41,522 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 07:02:41,522 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 07:02:41,523 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [17, 17] total 25 [2024-11-09 07:02:41,523 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [858014745] [2024-11-09 07:02:41,523 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 07:02:41,523 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 26 states [2024-11-09 07:02:41,523 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 07:02:41,524 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2024-11-09 07:02:41,525 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=150, Invalid=1752, Unknown=14, NotChecked=534, Total=2450 [2024-11-09 07:02:41,525 INFO L87 Difference]: Start difference. First operand 227 states and 282 transitions. Second operand has 26 states, 21 states have (on average 2.857142857142857) internal successors, (60), 20 states have internal predecessors, (60), 5 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 8 states have call predecessors, (9), 5 states have call successors, (9) [2024-11-09 07:02:41,940 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse1 (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (and (or (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |c_#valid| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= .cse0 |c_ULTIMATE.start_l4_insert_#t~ret6#1.base|)))) .cse1) (= (select |c_#valid| |c_ULTIMATE.start_l2_insert_~item~2#1.base|) 1) .cse1)) is different from false [2024-11-09 07:02:41,943 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse1 (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (and (or (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |c_#valid| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= .cse0 |c_ULTIMATE.start_l4_insert_#t~ret6#1.base|)))) .cse1) (= (select |c_#valid| |c_ULTIMATE.start_l2_insert_~item~2#1.base|) 1) .cse1)) is different from true [2024-11-09 07:02:41,947 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse0 (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (and (or (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| |c_ULTIMATE.start_l3_insert_~list#1.base|) .cse0 (= |c_ULTIMATE.start_l3_insert_~list#1.base| |c_ULTIMATE.start_l4_insert_~list#1.base|)) (or (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_353| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_353| .cse1 (select |c_#valid| .cse1))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| .cse1)))) .cse0))) is different from false [2024-11-09 07:02:41,950 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse0 (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (and (or (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| |c_ULTIMATE.start_l3_insert_~list#1.base|) .cse0 (= |c_ULTIMATE.start_l3_insert_~list#1.base| |c_ULTIMATE.start_l4_insert_~list#1.base|)) (or (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_353| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_353| .cse1 (select |c_#valid| .cse1))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| .cse1)))) .cse0))) is different from true [2024-11-09 07:02:41,954 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse0 (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (and (or (and (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1)) .cse0) (exists ((|v_#valid_BEFORE_CALL_355| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_355| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1)) (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_353| |v_#valid_BEFORE_CALL_355|))) (and (= |v_#valid_BEFORE_CALL_355| (store |v_#valid_BEFORE_CALL_353| .cse1 (select |v_#valid_BEFORE_CALL_355| .cse1))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| .cse1))))))) (or (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| |c_ULTIMATE.start_l3_insert_~list#1.base|) .cse0 (= |c_ULTIMATE.start_l3_insert_~list#1.base| |c_ULTIMATE.start_l4_insert_~list#1.base|)))) is different from false [2024-11-09 07:02:41,957 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse0 (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (and (or (and (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1)) .cse0) (exists ((|v_#valid_BEFORE_CALL_355| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_355| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1)) (exists ((|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_353| |v_#valid_BEFORE_CALL_355|))) (and (= |v_#valid_BEFORE_CALL_355| (store |v_#valid_BEFORE_CALL_353| .cse1 (select |v_#valid_BEFORE_CALL_355| .cse1))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| .cse1))))))) (or (= |c_ULTIMATE.start_l4_insert_~item~0#1.base| |c_ULTIMATE.start_l3_insert_~list#1.base|) .cse0 (= |c_ULTIMATE.start_l3_insert_~list#1.base| |c_ULTIMATE.start_l4_insert_~list#1.base|)))) is different from true [2024-11-09 07:02:41,961 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse0 (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (and (or .cse0 (= |c_ULTIMATE.start_l3_insert_~list#1.base| |c_ULTIMATE.start_l4_insert_~list#1.base|)) (or (exists ((|v_#valid_BEFORE_CALL_355| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int) (|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_353| |v_#valid_BEFORE_CALL_355|))) (and (= (select |c_#valid| .cse1) 1) (= |v_#valid_BEFORE_CALL_355| (store |v_#valid_BEFORE_CALL_353| .cse1 (select |v_#valid_BEFORE_CALL_355| .cse1))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_355| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1))))) (and (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1)) (exists ((|ULTIMATE.start_l4_insert_~item~0#1.base| Int)) (= (select |c_#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1)) .cse0)))) is different from false [2024-11-09 07:02:41,964 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse0 (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (and (or .cse0 (= |c_ULTIMATE.start_l3_insert_~list#1.base| |c_ULTIMATE.start_l4_insert_~list#1.base|)) (or (exists ((|v_#valid_BEFORE_CALL_355| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int) (|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_353| |v_#valid_BEFORE_CALL_355|))) (and (= (select |c_#valid| .cse1) 1) (= |v_#valid_BEFORE_CALL_355| (store |v_#valid_BEFORE_CALL_353| .cse1 (select |v_#valid_BEFORE_CALL_355| .cse1))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_355| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1))))) (and (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1)) (exists ((|ULTIMATE.start_l4_insert_~item~0#1.base| Int)) (= (select |c_#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1)) .cse0)))) is different from true [2024-11-09 07:02:41,969 WARN L851 $PredicateComparison]: unable to prove that (let ((.cse1 (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (and (or (exists ((|v_#valid_BEFORE_CALL_355| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int) (|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |v_#valid_BEFORE_CALL_355|))) (and (= (select |c_#valid| .cse0) 1) (= |v_#valid_BEFORE_CALL_355| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |v_#valid_BEFORE_CALL_355| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_355| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1))))) (and (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1)) (exists ((|ULTIMATE.start_l4_insert_~item~0#1.base| Int)) (= (select |c_#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1)) .cse1)) .cse1)) is different from false [2024-11-09 07:02:41,974 WARN L873 $PredicateComparison]: unable to prove that (let ((.cse1 (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (and (or (exists ((|v_#valid_BEFORE_CALL_355| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int) (|v_#valid_BEFORE_CALL_353| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_353| |v_#valid_BEFORE_CALL_355|))) (and (= (select |c_#valid| .cse0) 1) (= |v_#valid_BEFORE_CALL_355| (store |v_#valid_BEFORE_CALL_353| .cse0 (select |v_#valid_BEFORE_CALL_355| .cse0))) (= (select |v_#valid_BEFORE_CALL_353| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= |c_#valid| (store |v_#valid_BEFORE_CALL_355| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1))))) (and (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1)) (exists ((|ULTIMATE.start_l4_insert_~item~0#1.base| Int)) (= (select |c_#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1)) .cse1)) .cse1)) is different from true [2024-11-09 07:02:43,271 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 07:02:43,272 INFO L93 Difference]: Finished difference Result 260 states and 331 transitions. [2024-11-09 07:02:43,272 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2024-11-09 07:02:43,272 INFO L78 Accepts]: Start accepts. Automaton has has 26 states, 21 states have (on average 2.857142857142857) internal successors, (60), 20 states have internal predecessors, (60), 5 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 8 states have call predecessors, (9), 5 states have call successors, (9) Word has length 91 [2024-11-09 07:02:43,273 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 07:02:43,275 INFO L225 Difference]: With dead ends: 260 [2024-11-09 07:02:43,275 INFO L226 Difference]: Without dead ends: 260 [2024-11-09 07:02:43,276 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 222 GetRequests, 158 SyntacticMatches, 8 SemanticMatches, 56 ConstructedPredicates, 11 IntricatePredicates, 0 DeprecatedPredicates, 727 ImplicationChecksByTransitivity, 11.2s TimeCoverageRelationStatistics Valid=185, Invalid=1997, Unknown=24, NotChecked=1100, Total=3306 [2024-11-09 07:02:43,277 INFO L432 NwaCegarLoop]: 122 mSDtfsCounter, 17 mSDsluCounter, 1350 mSDsCounter, 0 mSdLazyCounter, 1287 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 17 SdHoareTripleChecker+Valid, 1472 SdHoareTripleChecker+Invalid, 2548 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 1287 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 1240 IncrementalHoareTripleChecker+Unchecked, 1.5s IncrementalHoareTripleChecker+Time [2024-11-09 07:02:43,277 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [17 Valid, 1472 Invalid, 2548 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 1287 Invalid, 0 Unknown, 1240 Unchecked, 1.5s Time] [2024-11-09 07:02:43,278 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 260 states. [2024-11-09 07:02:43,284 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 260 to 257. [2024-11-09 07:02:43,285 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 257 states, 172 states have (on average 1.627906976744186) internal successors, (280), 233 states have internal predecessors, (280), 19 states have call successors, (19), 4 states have call predecessors, (19), 6 states have return successors, (30), 19 states have call predecessors, (30), 18 states have call successors, (30) [2024-11-09 07:02:43,286 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 257 states to 257 states and 329 transitions. [2024-11-09 07:02:43,286 INFO L78 Accepts]: Start accepts. Automaton has 257 states and 329 transitions. Word has length 91 [2024-11-09 07:02:43,287 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 07:02:43,287 INFO L471 AbstractCegarLoop]: Abstraction has 257 states and 329 transitions. [2024-11-09 07:02:43,287 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 26 states, 21 states have (on average 2.857142857142857) internal successors, (60), 20 states have internal predecessors, (60), 5 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 8 states have call predecessors, (9), 5 states have call successors, (9) [2024-11-09 07:02:43,287 INFO L276 IsEmpty]: Start isEmpty. Operand 257 states and 329 transitions. [2024-11-09 07:02:43,288 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2024-11-09 07:02:43,288 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 07:02:43,288 INFO L215 NwaCegarLoop]: trace histogram [38, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 07:02:43,311 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (15)] Ended with exit code 0 [2024-11-09 07:02:43,492 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable15 [2024-11-09 07:02:43,493 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting ULTIMATE.startErr9REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 07:02:43,493 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 07:02:43,493 INFO L85 PathProgramCache]: Analyzing trace with hash 1988830756, now seen corresponding path program 1 times [2024-11-09 07:02:43,493 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 07:02:43,494 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1345756376] [2024-11-09 07:02:43,494 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 07:02:43,494 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 07:02:43,792 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2024-11-09 07:02:43,800 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [1042508882] [2024-11-09 07:02:43,800 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 07:02:43,800 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 07:02:43,801 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 07:02:43,802 INFO L229 MonitoredProcess]: Starting monitored process 16 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 07:02:43,804 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (16)] Waiting until timeout for monitored process [2024-11-09 07:02:45,461 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 07:02:45,469 INFO L255 TraceCheckSpWp]: Trace formula consists of 1105 conjuncts, 113 conjuncts are in the unsatisfiable core [2024-11-09 07:02:45,473 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 07:02:45,501 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2024-11-09 07:02:46,204 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|) (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 07:02:46,279 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 07:02:46,280 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 9 [2024-11-09 07:02:46,306 INFO L349 Elim1Store]: treesize reduction 18, result has 35.7 percent of original size [2024-11-09 07:02:46,306 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 17 treesize of output 21 [2024-11-09 07:02:46,422 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 07:02:46,493 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 07:02:46,494 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 2 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 9 [2024-11-09 07:02:46,518 INFO L349 Elim1Store]: treesize reduction 8, result has 52.9 percent of original size [2024-11-09 07:02:46,518 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 3 select indices, 3 select index equivalence classes, 1 disjoint index pairs (out of 3 index pairs), introduced 3 new quantified variables, introduced 2 case distinctions, treesize of input 16 treesize of output 18 [2024-11-09 07:02:46,618 WARN L873 $PredicateComparison]: unable to prove that (exists ((|v_zalloc_or_die_calloc_model_~nmemb#1_314| Int) (|v_zalloc_or_die_calloc_model_~size#1_314| Int) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (let ((.cse1 (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) (.cse0 (* |v_zalloc_or_die_calloc_model_~size#1_314| |v_zalloc_or_die_calloc_model_~nmemb#1_314|))) (and (<= (mod .cse0 4294967296) .cse1) (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| .cse1) |c_#length|) (= .cse0 |c_zalloc_or_die_#Ultimate.C_memset_#amount#1|)))) is different from true [2024-11-09 07:02:56,156 INFO L349 Elim1Store]: treesize reduction 13, result has 40.9 percent of original size [2024-11-09 07:02:56,157 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 14 treesize of output 13 [2024-11-09 07:02:57,106 INFO L134 CoverageAnalysis]: Checked inductivity of 1006 backedges. 327 proven. 214 refuted. 0 times theorem prover too weak. 95 trivial. 370 not checked. [2024-11-09 07:02:57,106 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 07:02:58,917 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 07:02:58,918 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1345756376] [2024-11-09 07:02:58,918 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2024-11-09 07:02:58,918 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1042508882] [2024-11-09 07:02:58,918 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1042508882] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 07:02:58,918 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [152008428] [2024-11-09 07:02:58,920 INFO L159 IcfgInterpreter]: Started Sifa with 29 locations of interest [2024-11-09 07:02:58,920 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 07:02:58,920 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 07:02:58,920 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 07:02:58,921 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 07:02:59,545 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 07:02:59,670 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 07:03:18,168 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '11018#(and (exists ((|v_#memory_$Pointer$.offset_403| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.offset_404| (Array Int (Array Int Int))) (|v_#memory_int_368| (Array Int (Array Int Int))) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_194| Int) (|v_#memory_$Pointer$.base_404| (Array Int (Array Int Int))) (|v_#memory_int_369| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.base_403| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l4_insert_~list#1.offset_22| Int) (|v_ULTIMATE.start_l4_insert_~list#1.base_25| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_431| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_233| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_216| Int) (|v_#memory_int_370| (Array Int (Array Int Int)))) (and (= (store |v_#memory_int_369| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_int_369| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select (select |v_#memory_int_370| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)))) |v_#memory_int_370|) (= (select |#valid| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) 1) (<= (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) (= (store |v_#memory_int_368| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_int_368| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4) (select (select |v_#memory_int_369| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4)))) |v_#memory_int_369|) (= (store (store |v_#memory_$Pointer$.base_404| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.base_404| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select (select |v_#memory_$Pointer$.base_404| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) |v_ULTIMATE.start_l4_insert_~list#1.base_25| (store (select (store |v_#memory_$Pointer$.base_404| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.base_404| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select (select |v_#memory_$Pointer$.base_404| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) |#memory_$Pointer$.base|) (= |#memory_int| (store |v_#memory_int_370| |v_ULTIMATE.start_l4_insert_~list#1.base_25| (store (select |v_#memory_int_370| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22| (select (select |#memory_int| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)))) (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_233| 0) (not (= (select (select |v_#memory_$Pointer$.base_404| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4)) 0)) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_431|) (<= (+ 4 |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_25|)) (= (store |v_#memory_$Pointer$.base_403| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.base_403| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4) (select (select |v_#memory_$Pointer$.base_404| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4)))) |v_#memory_$Pointer$.base_404|) (<= 0 (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_194| 0) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_216| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr33#1_431| 4294967296)) (= |v_#memory_$Pointer$.offset_404| (store |v_#memory_$Pointer$.offset_403| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.offset_403| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) 4) 0))) (<= 0 |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (= |#memory_$Pointer$.offset| (store (store |v_#memory_$Pointer$.offset_404| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.offset_404| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select (select |v_#memory_$Pointer$.offset_404| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) |v_ULTIMATE.start_l4_insert_~list#1.base_25| (store (select (store |v_#memory_$Pointer$.offset_404| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (store (select |v_#memory_$Pointer$.offset_404| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|) (select (select |v_#memory_$Pointer$.offset_404| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|))) |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22| (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) |v_ULTIMATE.start_l4_insert_~list#1.offset_22|)))) (= (select |#valid| |v_ULTIMATE.start_l4_insert_~list#1.base_25|) 1))) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0))' at error location [2024-11-09 07:03:18,168 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 07:03:18,168 INFO L185 FreeRefinementEngine]: Found 0 perfect and 1 imperfect interpolant sequences. [2024-11-09 07:03:18,168 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [35] total 35 [2024-11-09 07:03:18,168 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1088658774] [2024-11-09 07:03:18,168 INFO L85 oduleStraightlineAll]: Using 1 imperfect interpolants to construct interpolant automaton [2024-11-09 07:03:18,169 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 36 states [2024-11-09 07:03:18,169 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 07:03:18,169 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 36 interpolants. [2024-11-09 07:03:18,170 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=167, Invalid=2910, Unknown=15, NotChecked=330, Total=3422 [2024-11-09 07:03:18,170 INFO L87 Difference]: Start difference. First operand 257 states and 329 transitions. Second operand has 36 states, 33 states have (on average 1.7878787878787878) internal successors, (59), 33 states have internal predecessors, (59), 4 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) [2024-11-09 07:03:22,796 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:03:26,188 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.02s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:03:28,835 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:03:33,178 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.03s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:03:35,627 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:03:38,315 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.02s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:03:41,083 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:03:44,072 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:03:46,961 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:03:49,626 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:03:51,731 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:03:57,111 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.02s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:02,884 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:05,685 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:07,768 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:10,311 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:12,384 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:14,436 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.05s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:16,503 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:18,581 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:20,654 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:22,777 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:25,094 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:30,019 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:32,200 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:34,247 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:36,331 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:38,451 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.02s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 07:04:38,502 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 07:04:38,503 INFO L93 Difference]: Finished difference Result 281 states and 373 transitions. [2024-11-09 07:04:38,503 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2024-11-09 07:04:38,504 INFO L78 Accepts]: Start accepts. Automaton has has 36 states, 33 states have (on average 1.7878787878787878) internal successors, (59), 33 states have internal predecessors, (59), 4 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) Word has length 91 [2024-11-09 07:04:38,504 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 07:04:38,506 INFO L225 Difference]: With dead ends: 281 [2024-11-09 07:04:38,506 INFO L226 Difference]: Without dead ends: 281 [2024-11-09 07:04:38,507 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 207 GetRequests, 125 SyntacticMatches, 7 SemanticMatches, 75 ConstructedPredicates, 3 IntricatePredicates, 0 DeprecatedPredicates, 1269 ImplicationChecksByTransitivity, 45.5s TimeCoverageRelationStatistics Valid=302, Invalid=5093, Unknown=19, NotChecked=438, Total=5852 [2024-11-09 07:04:38,509 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 65 mSDsluCounter, 2133 mSDsCounter, 0 mSdLazyCounter, 2818 mSolverCounterSat, 20 mSolverCounterUnsat, 31 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 62.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 2242 SdHoareTripleChecker+Invalid, 3357 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 20 IncrementalHoareTripleChecker+Valid, 2818 IncrementalHoareTripleChecker+Invalid, 31 IncrementalHoareTripleChecker+Unknown, 488 IncrementalHoareTripleChecker+Unchecked, 64.4s IncrementalHoareTripleChecker+Time [2024-11-09 07:04:38,509 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [65 Valid, 2242 Invalid, 3357 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [20 Valid, 2818 Invalid, 31 Unknown, 488 Unchecked, 64.4s Time] [2024-11-09 07:04:38,510 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 281 states. [2024-11-09 07:04:38,523 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 281 to 221. [2024-11-09 07:04:38,527 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 221 states, 148 states have (on average 1.5945945945945945) internal successors, (236), 203 states have internal predecessors, (236), 13 states have call successors, (13), 4 states have call predecessors, (13), 6 states have return successors, (21), 13 states have call predecessors, (21), 12 states have call successors, (21) [2024-11-09 07:04:38,529 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 221 states to 221 states and 270 transitions. [2024-11-09 07:04:38,530 INFO L78 Accepts]: Start accepts. Automaton has 221 states and 270 transitions. Word has length 91 [2024-11-09 07:04:38,531 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 07:04:38,531 INFO L471 AbstractCegarLoop]: Abstraction has 221 states and 270 transitions. [2024-11-09 07:04:38,531 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 36 states, 33 states have (on average 1.7878787878787878) internal successors, (59), 33 states have internal predecessors, (59), 4 states have call successors, (6), 3 states have call predecessors, (6), 5 states have return successors, (6), 5 states have call predecessors, (6), 4 states have call successors, (6) [2024-11-09 07:04:38,531 INFO L276 IsEmpty]: Start isEmpty. Operand 221 states and 270 transitions. [2024-11-09 07:04:38,532 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 93 [2024-11-09 07:04:38,532 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 07:04:38,532 INFO L215 NwaCegarLoop]: trace histogram [38, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 07:04:38,573 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (16)] Ended with exit code 0 [2024-11-09 07:04:38,733 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 16 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable16 [2024-11-09 07:04:38,734 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting ULTIMATE.startErr11REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 67 more)] === [2024-11-09 07:04:38,734 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 07:04:38,734 INFO L85 PathProgramCache]: Analyzing trace with hash 1524211293, now seen corresponding path program 1 times [2024-11-09 07:04:38,734 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 07:04:38,734 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [627767981] [2024-11-09 07:04:38,734 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 07:04:38,735 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 07:04:38,891 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 07:04:42,670 INFO L134 CoverageAnalysis]: Checked inductivity of 1006 backedges. 418 proven. 406 refuted. 0 times theorem prover too weak. 182 trivial. 0 not checked. [2024-11-09 07:04:42,670 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 07:04:42,670 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [627767981] [2024-11-09 07:04:42,670 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [627767981] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 07:04:42,671 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1774834033] [2024-11-09 07:04:42,671 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 07:04:42,671 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 07:04:42,671 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 07:04:42,673 INFO L229 MonitoredProcess]: Starting monitored process 17 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 07:04:42,674 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1ed8f936-d0bc-470b-8806-1446171122e4/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (17)] Waiting until timeout for monitored process [2024-11-09 07:04:44,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 07:04:44,079 INFO L255 TraceCheckSpWp]: Trace formula consists of 1113 conjuncts, 121 conjuncts are in the unsatisfiable core [2024-11-09 07:04:44,084 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 07:04:44,448 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 07:04:53,485 WARN L851 $PredicateComparison]: unable to prove that (and (or (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse0 (@diff |v_#length_BEFORE_CALL_408| |c_#length|))) (and (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (store |v_#length_BEFORE_CALL_408| .cse0 (select |c_#length| .cse0)) |c_#length|) (= .cse0 |c_ULTIMATE.start_l3_insert_#t~ret9#1.base|)))) (= 5 (select |c_#length| |c_ULTIMATE.start_l3_insert_~list#1.base|))) (or (exists ((|v_#valid_BEFORE_CALL_421| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_421| |c_#valid|))) (and (= .cse1 |c_ULTIMATE.start_l3_insert_#t~ret9#1.base|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_421| .cse1 (select |c_#valid| .cse1))) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_#t~ret9#1.base|) 0)))) (and (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_#t~ret9#1.base|) 0) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (= 4 |c_ULTIMATE.start_l3_insert_~list#1.offset|)) is different from false [2024-11-09 07:04:53,490 WARN L873 $PredicateComparison]: unable to prove that (and (or (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse0 (@diff |v_#length_BEFORE_CALL_408| |c_#length|))) (and (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (store |v_#length_BEFORE_CALL_408| .cse0 (select |c_#length| .cse0)) |c_#length|) (= .cse0 |c_ULTIMATE.start_l3_insert_#t~ret9#1.base|)))) (= 5 (select |c_#length| |c_ULTIMATE.start_l3_insert_~list#1.base|))) (or (exists ((|v_#valid_BEFORE_CALL_421| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_421| |c_#valid|))) (and (= .cse1 |c_ULTIMATE.start_l3_insert_#t~ret9#1.base|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_421| .cse1 (select |c_#valid| .cse1))) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_#t~ret9#1.base|) 0)))) (and (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_#t~ret9#1.base|) 0) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))) (= 4 |c_ULTIMATE.start_l3_insert_~list#1.offset|)) is different from true [2024-11-09 07:04:53,548 WARN L851 $PredicateComparison]: unable to prove that (and (or (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse0 (@diff |v_#length_BEFORE_CALL_408| |c_#length|))) (and (= .cse0 |c_ULTIMATE.start_l3_insert_~item~1#1.base|) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (store |v_#length_BEFORE_CALL_408| .cse0 (select |c_#length| .cse0)) |c_#length|)))) (= 5 (select |c_#length| |c_ULTIMATE.start_l3_insert_~list#1.base|))) (= 4 |c_ULTIMATE.start_l3_insert_~list#1.offset|) (or (exists ((|v_#valid_BEFORE_CALL_421| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_421| |c_#valid|))) (and (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~item~1#1.base|) 0) (= .cse1 |c_ULTIMATE.start_l3_insert_~item~1#1.base|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_421| .cse1 (select |c_#valid| .cse1))) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)))) (and (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~item~1#1.base|) 0) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)))) is different from false [2024-11-09 07:04:53,553 WARN L873 $PredicateComparison]: unable to prove that (and (or (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse0 (@diff |v_#length_BEFORE_CALL_408| |c_#length|))) (and (= .cse0 |c_ULTIMATE.start_l3_insert_~item~1#1.base|) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (store |v_#length_BEFORE_CALL_408| .cse0 (select |c_#length| .cse0)) |c_#length|)))) (= 5 (select |c_#length| |c_ULTIMATE.start_l3_insert_~list#1.base|))) (= 4 |c_ULTIMATE.start_l3_insert_~list#1.offset|) (or (exists ((|v_#valid_BEFORE_CALL_421| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_421| |c_#valid|))) (and (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~item~1#1.base|) 0) (= .cse1 |c_ULTIMATE.start_l3_insert_~item~1#1.base|) (= |c_#valid| (store |v_#valid_BEFORE_CALL_421| .cse1 (select |c_#valid| .cse1))) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)))) (and (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~item~1#1.base|) 0) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)))) is different from true [2024-11-09 07:04:53,639 WARN L851 $PredicateComparison]: unable to prove that (and (let ((.cse0 (= 5 (select |c_#length| |c_ULTIMATE.start_l3_insert_~list#1.base|)))) (or (and .cse0 (exists ((|v_#valid_BEFORE_CALL_421| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_421| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_421| .cse1 (select |c_#valid| .cse1))) (= 0 (select |v_#valid_BEFORE_CALL_421| .cse1)) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))))) (and (or (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse2 (@diff |v_#length_BEFORE_CALL_408| |c_#length|))) (and (= (select |c_#valid| .cse2) 0) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (store |v_#length_BEFORE_CALL_408| .cse2 (select |c_#length| .cse2)) |c_#length|)))) (and (exists ((|ULTIMATE.start_l4_insert_~list#1.base| Int)) (= (select |c_#valid| |ULTIMATE.start_l4_insert_~list#1.base|) 0)) .cse0)) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)) (exists ((|v_#valid_BEFORE_CALL_421| (Array Int Int))) (let ((.cse3 (@diff |v_#valid_BEFORE_CALL_421| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_421| .cse3 (select |c_#valid| .cse3))) (= 0 (select |v_#valid_BEFORE_CALL_421| .cse3)) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse4 (@diff |v_#length_BEFORE_CALL_408| |c_#length|))) (and (= .cse3 .cse4) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (store |v_#length_BEFORE_CALL_408| .cse4 (select |c_#length| .cse4)) |c_#length|))))))))) (= 4 |c_ULTIMATE.start_l3_insert_~list#1.offset|)) is different from false [2024-11-09 07:04:53,644 WARN L873 $PredicateComparison]: unable to prove that (and (let ((.cse0 (= 5 (select |c_#length| |c_ULTIMATE.start_l3_insert_~list#1.base|)))) (or (and .cse0 (exists ((|v_#valid_BEFORE_CALL_421| (Array Int Int))) (let ((.cse1 (@diff |v_#valid_BEFORE_CALL_421| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_421| .cse1 (select |c_#valid| .cse1))) (= 0 (select |v_#valid_BEFORE_CALL_421| .cse1)) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))))) (and (or (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse2 (@diff |v_#length_BEFORE_CALL_408| |c_#length|))) (and (= (select |c_#valid| .cse2) 0) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (store |v_#length_BEFORE_CALL_408| .cse2 (select |c_#length| .cse2)) |c_#length|)))) (and (exists ((|ULTIMATE.start_l4_insert_~list#1.base| Int)) (= (select |c_#valid| |ULTIMATE.start_l4_insert_~list#1.base|) 0)) .cse0)) (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1)) (exists ((|v_#valid_BEFORE_CALL_421| (Array Int Int))) (let ((.cse3 (@diff |v_#valid_BEFORE_CALL_421| |c_#valid|))) (and (= |c_#valid| (store |v_#valid_BEFORE_CALL_421| .cse3 (select |c_#valid| .cse3))) (= 0 (select |v_#valid_BEFORE_CALL_421| .cse3)) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse4 (@diff |v_#length_BEFORE_CALL_408| |c_#length|))) (and (= .cse3 .cse4) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (store |v_#length_BEFORE_CALL_408| .cse4 (select |c_#length| .cse4)) |c_#length|))))))))) (= 4 |c_ULTIMATE.start_l3_insert_~list#1.offset|)) is different from true [2024-11-09 07:04:53,814 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|) (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 07:04:54,125 INFO L349 Elim1Store]: treesize reduction 70, result has 41.7 percent of original size [2024-11-09 07:04:54,126 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 4 select indices, 4 select index equivalence classes, 0 disjoint index pairs (out of 6 index pairs), introduced 4 new quantified variables, introduced 9 case distinctions, treesize of input 54 treesize of output 92 [2024-11-09 07:04:54,395 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 07:04:54,396 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 9 [2024-11-09 07:04:56,673 WARN L851 $PredicateComparison]: unable to prove that (and (= 4 |c_ULTIMATE.start_l3_insert_~list#1.offset|) (or (exists ((|v_#length_BEFORE_CALL_410| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= |c_#length| (store |v_#length_BEFORE_CALL_410| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (exists ((|v_old(#valid)_AFTER_CALL_242| (Array Int Int))) (and (= (select |v_old(#valid)_AFTER_CALL_242| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_242| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1)) (exists ((|v_#valid_BEFORE_CALL_421| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_421| |v_old(#valid)_AFTER_CALL_242|))) (and (= (store |v_#valid_BEFORE_CALL_421| .cse0 (select |v_old(#valid)_AFTER_CALL_242| .cse0)) |v_old(#valid)_AFTER_CALL_242|) (= (select |v_#valid_BEFORE_CALL_421| .cse0) 0) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse1 (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|))) (and (= (store |v_#length_BEFORE_CALL_408| .cse1 (select |v_#length_BEFORE_CALL_410| .cse1)) |v_#length_BEFORE_CALL_410|) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= .cse1 .cse0))))))))))) (and (= 5 (select |c_#length| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (exists ((|v_old(#valid)_AFTER_CALL_242| (Array Int Int)) (|v_#valid_BEFORE_CALL_421| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (let ((.cse2 (@diff |v_#valid_BEFORE_CALL_421| |v_old(#valid)_AFTER_CALL_242|))) (and (= (store |v_#valid_BEFORE_CALL_421| .cse2 (select |v_old(#valid)_AFTER_CALL_242| .cse2)) |v_old(#valid)_AFTER_CALL_242|) (= (select |v_old(#valid)_AFTER_CALL_242| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0) (= (select |v_#valid_BEFORE_CALL_421| .cse2) 0) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_242| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1)) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))))) (and (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (or (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (exists ((|v_#length_BEFORE_CALL_410| (Array Int Int))) (and (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse3 (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|))) (and (= (store |v_#length_BEFORE_CALL_408| .cse3 (select |v_#length_BEFORE_CALL_410| .cse3)) |v_#length_BEFORE_CALL_410|) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (select |c_#valid| .cse3) 0)))) (= |c_#length| (store |v_#length_BEFORE_CALL_410| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))))) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1) (not (= |c_ULTIMATE.start_l3_insert_~list#1.base| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)))) (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (exists ((|v_#length_BEFORE_CALL_410| (Array Int Int))) (and (= |c_#length| (store |v_#length_BEFORE_CALL_410| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (not (= (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|) |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (= (select |v_#length_BEFORE_CALL_410| |c_ULTIMATE.start_l3_insert_~list#1.base|) 5))) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1) (not (= |c_ULTIMATE.start_l3_insert_~list#1.base| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)))) (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (exists ((|v_#length_BEFORE_CALL_410| (Array Int Int))) (and (= |c_#length| (store |v_#length_BEFORE_CALL_410| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (= (select |c_#valid| (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|)) 0)) (= (select |v_#length_BEFORE_CALL_410| |c_ULTIMATE.start_l3_insert_~list#1.base|) 5))) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1) (not (= |c_ULTIMATE.start_l3_insert_~list#1.base| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)))) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int)) (|v_#length_BEFORE_CALL_410| (Array Int Int))) (let ((.cse4 (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|))) (and (= |c_#length| (store |v_#length_BEFORE_CALL_410| .cse4 (select |c_#length| .cse4))) (not (= |c_ULTIMATE.start_l3_insert_~list#1.base| .cse4)) (= (select |c_#valid| .cse4) 1) (= (select |v_#length_BEFORE_CALL_410| |c_ULTIMATE.start_l3_insert_~list#1.base|) 5)))) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int)) (|v_#length_BEFORE_CALL_410| (Array Int Int))) (let ((.cse5 (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|))) (and (= |c_#length| (store |v_#length_BEFORE_CALL_410| .cse5 (select |c_#length| .cse5))) (= (store |v_#length_BEFORE_CALL_408| .cse5 (select |v_#length_BEFORE_CALL_410| .cse5)) |v_#length_BEFORE_CALL_410|) (not (= |c_ULTIMATE.start_l3_insert_~list#1.base| .cse5)) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (select |c_#valid| .cse5) 1)))))))) is different from false [2024-11-09 07:04:56,681 WARN L873 $PredicateComparison]: unable to prove that (and (= 4 |c_ULTIMATE.start_l3_insert_~list#1.offset|) (or (exists ((|v_#length_BEFORE_CALL_410| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= |c_#length| (store |v_#length_BEFORE_CALL_410| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (exists ((|v_old(#valid)_AFTER_CALL_242| (Array Int Int))) (and (= (select |v_old(#valid)_AFTER_CALL_242| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_242| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1)) (exists ((|v_#valid_BEFORE_CALL_421| (Array Int Int))) (let ((.cse0 (@diff |v_#valid_BEFORE_CALL_421| |v_old(#valid)_AFTER_CALL_242|))) (and (= (store |v_#valid_BEFORE_CALL_421| .cse0 (select |v_old(#valid)_AFTER_CALL_242| .cse0)) |v_old(#valid)_AFTER_CALL_242|) (= (select |v_#valid_BEFORE_CALL_421| .cse0) 0) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse1 (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|))) (and (= (store |v_#length_BEFORE_CALL_408| .cse1 (select |v_#length_BEFORE_CALL_410| .cse1)) |v_#length_BEFORE_CALL_410|) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= .cse1 .cse0))))))))))) (and (= 5 (select |c_#length| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (exists ((|v_old(#valid)_AFTER_CALL_242| (Array Int Int)) (|v_#valid_BEFORE_CALL_421| (Array Int Int)) (|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (let ((.cse2 (@diff |v_#valid_BEFORE_CALL_421| |v_old(#valid)_AFTER_CALL_242|))) (and (= (store |v_#valid_BEFORE_CALL_421| .cse2 (select |v_old(#valid)_AFTER_CALL_242| .cse2)) |v_old(#valid)_AFTER_CALL_242|) (= (select |v_old(#valid)_AFTER_CALL_242| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0) (= (select |v_#valid_BEFORE_CALL_421| .cse2) 0) (= |c_#valid| (store |v_old(#valid)_AFTER_CALL_242| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1)) (= (select |v_#valid_BEFORE_CALL_421| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1))))) (and (= (select |c_#valid| |c_ULTIMATE.start_l3_insert_~list#1.base|) 1) (or (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (exists ((|v_#length_BEFORE_CALL_410| (Array Int Int))) (and (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (let ((.cse3 (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|))) (and (= (store |v_#length_BEFORE_CALL_408| .cse3 (select |v_#length_BEFORE_CALL_410| .cse3)) |v_#length_BEFORE_CALL_410|) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (select |c_#valid| .cse3) 0)))) (= |c_#length| (store |v_#length_BEFORE_CALL_410| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))))) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1) (not (= |c_ULTIMATE.start_l3_insert_~list#1.base| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)))) (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (exists ((|v_#length_BEFORE_CALL_410| (Array Int Int))) (and (= |c_#length| (store |v_#length_BEFORE_CALL_410| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (not (= (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|) |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (= (select |v_#length_BEFORE_CALL_410| |c_ULTIMATE.start_l3_insert_~list#1.base|) 5))) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1) (not (= |c_ULTIMATE.start_l3_insert_~list#1.base| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)))) (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (exists ((|v_#length_BEFORE_CALL_410| (Array Int Int))) (and (= |c_#length| (store |v_#length_BEFORE_CALL_410| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (= (select |c_#valid| (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|)) 0)) (= (select |v_#length_BEFORE_CALL_410| |c_ULTIMATE.start_l3_insert_~list#1.base|) 5))) (= (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 1) (not (= |c_ULTIMATE.start_l3_insert_~list#1.base| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)))) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int)) (|v_#length_BEFORE_CALL_410| (Array Int Int))) (let ((.cse4 (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|))) (and (= |c_#length| (store |v_#length_BEFORE_CALL_410| .cse4 (select |c_#length| .cse4))) (not (= |c_ULTIMATE.start_l3_insert_~list#1.base| .cse4)) (= (select |c_#valid| .cse4) 1) (= (select |v_#length_BEFORE_CALL_410| |c_ULTIMATE.start_l3_insert_~list#1.base|) 5)))) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int)) (|v_#length_BEFORE_CALL_410| (Array Int Int))) (let ((.cse5 (@diff |v_#length_BEFORE_CALL_408| |v_#length_BEFORE_CALL_410|))) (and (= |c_#length| (store |v_#length_BEFORE_CALL_410| .cse5 (select |c_#length| .cse5))) (= (store |v_#length_BEFORE_CALL_408| .cse5 (select |v_#length_BEFORE_CALL_410| .cse5)) |v_#length_BEFORE_CALL_410|) (not (= |c_ULTIMATE.start_l3_insert_~list#1.base| .cse5)) (= 5 (select |v_#length_BEFORE_CALL_408| |c_ULTIMATE.start_l3_insert_~list#1.base|)) (= (select |c_#valid| .cse5) 1)))))))) is different from true [2024-11-09 07:04:56,979 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 07:04:57,533 INFO L349 Elim1Store]: treesize reduction 13, result has 40.9 percent of original size [2024-11-09 07:04:57,533 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 14 treesize of output 13 [2024-11-09 07:04:58,849 INFO L349 Elim1Store]: treesize reduction 4, result has 98.9 percent of original size [2024-11-09 07:04:58,850 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 9 select indices, 9 select index equivalence classes, 0 disjoint index pairs (out of 36 index pairs), introduced 9 new quantified variables, introduced 36 case distinctions, treesize of input 212 treesize of output 534