./Ultimate.py --spec ../../sv-benchmarks/c/properties/valid-memsafety.prp --file ../../sv-benchmarks/c/memsafety/test-0235-2.i --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for memory safety (deref-memtrack) Using default analysis Version a0165632 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/config/TaipanMemDerefMemtrack.xml -i ../../sv-benchmarks/c/memsafety/test-0235-2.i -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/config/svcomp-DerefFreeMemtrack-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 5243781ee83706d005235269371a592cabf9c2dbc613c235cbe81d6e89d326d7 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-a016563 [2024-11-09 04:45:01,913 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-09 04:45:02,043 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/config/svcomp-DerefFreeMemtrack-32bit-Taipan_Default.epf [2024-11-09 04:45:02,052 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-09 04:45:02,053 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-09 04:45:02,102 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-09 04:45:02,103 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-09 04:45:02,104 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-09 04:45:02,105 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-09 04:45:02,107 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-09 04:45:02,108 INFO L153 SettingsManager]: * User list type=DISABLED [2024-11-09 04:45:02,108 INFO L151 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2024-11-09 04:45:02,110 INFO L153 SettingsManager]: * Explicit value domain=true [2024-11-09 04:45:02,111 INFO L153 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2024-11-09 04:45:02,113 INFO L153 SettingsManager]: * Octagon Domain=false [2024-11-09 04:45:02,114 INFO L153 SettingsManager]: * Abstract domain=CompoundDomain [2024-11-09 04:45:02,115 INFO L153 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2024-11-09 04:45:02,115 INFO L153 SettingsManager]: * Use the RCFG-of-the-future interface=true [2024-11-09 04:45:02,115 INFO L153 SettingsManager]: * Interval Domain=false [2024-11-09 04:45:02,116 INFO L151 SettingsManager]: Preferences of Sifa differ from their defaults: [2024-11-09 04:45:02,120 INFO L153 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2024-11-09 04:45:02,123 INFO L153 SettingsManager]: * Simplification Technique=POLY_PAC [2024-11-09 04:45:02,124 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-09 04:45:02,126 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-09 04:45:02,127 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-09 04:45:02,128 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-09 04:45:02,128 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-09 04:45:02,128 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-09 04:45:02,129 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-09 04:45:02,130 INFO L153 SettingsManager]: * Check for the main procedure if all allocated memory was freed=true [2024-11-09 04:45:02,130 INFO L153 SettingsManager]: * Bitprecise bitfields=true [2024-11-09 04:45:02,132 INFO L153 SettingsManager]: * SV-COMP memtrack compatibility mode=true [2024-11-09 04:45:02,132 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-09 04:45:02,133 INFO L153 SettingsManager]: * Adapt memory model on pointer casts if necessary=true [2024-11-09 04:45:02,134 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-09 04:45:02,134 INFO L153 SettingsManager]: * Check unreachability of reach_error function=false [2024-11-09 04:45:02,134 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-09 04:45:02,135 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-09 04:45:02,135 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-09 04:45:02,135 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-09 04:45:02,136 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-09 04:45:02,136 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-09 04:45:02,137 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-09 04:45:02,137 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-09 04:45:02,137 INFO L153 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2024-11-09 04:45:02,138 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-09 04:45:02,139 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-09 04:45:02,139 INFO L153 SettingsManager]: * Trace refinement exception blacklist=NONE [2024-11-09 04:45:02,139 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-09 04:45:02,139 INFO L153 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G valid-free) ) CHECK( init(main()), LTL(G valid-deref) ) CHECK( init(main()), LTL(G valid-memtrack) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 5243781ee83706d005235269371a592cabf9c2dbc613c235cbe81d6e89d326d7 [2024-11-09 04:45:02,576 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-09 04:45:02,642 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-09 04:45:02,652 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-09 04:45:02,653 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-09 04:45:02,654 INFO L274 PluginConnector]: CDTParser initialized [2024-11-09 04:45:02,655 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/../../sv-benchmarks/c/memsafety/test-0235-2.i Unable to find full path for "g++" [2024-11-09 04:45:05,245 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-09 04:45:05,583 INFO L384 CDTParser]: Found 1 translation units. [2024-11-09 04:45:05,584 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/sv-benchmarks/c/memsafety/test-0235-2.i [2024-11-09 04:45:05,612 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/data/be09cd9e6/0930485ca5e448a0b82711636a3682f5/FLAGa7aeefe53 [2024-11-09 04:45:05,634 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/data/be09cd9e6/0930485ca5e448a0b82711636a3682f5 [2024-11-09 04:45:05,637 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-09 04:45:05,639 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-09 04:45:05,641 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-09 04:45:05,641 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-09 04:45:05,649 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-09 04:45:05,650 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 04:45:05" (1/1) ... [2024-11-09 04:45:05,652 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3a7159a7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:05, skipping insertion in model container [2024-11-09 04:45:05,652 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 04:45:05" (1/1) ... [2024-11-09 04:45:05,743 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-09 04:45:06,306 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 04:45:06,321 INFO L200 MainTranslator]: Completed pre-run [2024-11-09 04:45:06,389 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 04:45:06,458 INFO L204 MainTranslator]: Completed translation [2024-11-09 04:45:06,459 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06 WrapperNode [2024-11-09 04:45:06,459 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-09 04:45:06,461 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-09 04:45:06,461 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-09 04:45:06,462 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-09 04:45:06,473 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (1/1) ... [2024-11-09 04:45:06,510 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (1/1) ... [2024-11-09 04:45:06,571 INFO L138 Inliner]: procedures = 188, calls = 71, calls flagged for inlining = 13, calls inlined = 13, statements flattened = 233 [2024-11-09 04:45:06,575 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-09 04:45:06,576 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-09 04:45:06,577 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-09 04:45:06,577 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-09 04:45:06,590 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (1/1) ... [2024-11-09 04:45:06,591 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (1/1) ... [2024-11-09 04:45:06,598 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (1/1) ... [2024-11-09 04:45:06,603 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (1/1) ... [2024-11-09 04:45:06,628 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (1/1) ... [2024-11-09 04:45:06,641 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (1/1) ... [2024-11-09 04:45:06,646 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (1/1) ... [2024-11-09 04:45:06,653 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (1/1) ... [2024-11-09 04:45:06,657 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-09 04:45:06,662 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-09 04:45:06,666 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-09 04:45:06,667 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-09 04:45:06,668 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (1/1) ... [2024-11-09 04:45:06,680 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-09 04:45:06,695 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:45:06,715 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2024-11-09 04:45:06,723 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2024-11-09 04:45:06,761 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocOnHeap [2024-11-09 04:45:06,761 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-09 04:45:06,761 INFO L130 BoogieDeclarations]: Found specification of procedure write~$Pointer$ [2024-11-09 04:45:06,762 INFO L130 BoogieDeclarations]: Found specification of procedure read~$Pointer$ [2024-11-09 04:45:06,762 INFO L130 BoogieDeclarations]: Found specification of procedure zalloc_or_die [2024-11-09 04:45:06,764 INFO L138 BoogieDeclarations]: Found implementation of procedure zalloc_or_die [2024-11-09 04:45:06,765 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.dealloc [2024-11-09 04:45:06,765 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~$Pointer$ [2024-11-09 04:45:06,765 INFO L130 BoogieDeclarations]: Found specification of procedure l0_destroy [2024-11-09 04:45:06,766 INFO L138 BoogieDeclarations]: Found implementation of procedure l0_destroy [2024-11-09 04:45:06,766 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2024-11-09 04:45:06,766 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-09 04:45:06,766 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-09 04:45:07,037 INFO L238 CfgBuilder]: Building ICFG [2024-11-09 04:45:07,040 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-09 04:45:07,991 INFO L? ?]: Removed 203 outVars from TransFormulas that were not future-live. [2024-11-09 04:45:07,991 INFO L287 CfgBuilder]: Performing block encoding [2024-11-09 04:45:08,134 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-09 04:45:08,134 INFO L316 CfgBuilder]: Removed 10 assume(true) statements. [2024-11-09 04:45:08,136 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.11 04:45:08 BoogieIcfgContainer [2024-11-09 04:45:08,136 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-09 04:45:08,140 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-09 04:45:08,141 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-09 04:45:08,145 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-09 04:45:08,145 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.11 04:45:05" (1/3) ... [2024-11-09 04:45:08,146 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@54ba1e1e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 04:45:08, skipping insertion in model container [2024-11-09 04:45:08,146 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 04:45:06" (2/3) ... [2024-11-09 04:45:08,147 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@54ba1e1e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 04:45:08, skipping insertion in model container [2024-11-09 04:45:08,147 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.11 04:45:08" (3/3) ... [2024-11-09 04:45:08,149 INFO L112 eAbstractionObserver]: Analyzing ICFG test-0235-2.i [2024-11-09 04:45:08,171 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:None NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-09 04:45:08,172 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 87 error locations. [2024-11-09 04:45:08,235 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-09 04:45:08,243 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=None, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@34e423d, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-09 04:45:08,244 INFO L334 AbstractCegarLoop]: Starting to check reachability of 87 error locations. [2024-11-09 04:45:08,250 INFO L276 IsEmpty]: Start isEmpty. Operand has 206 states, 104 states have (on average 2.1346153846153846) internal successors, (222), 191 states have internal predecessors, (222), 12 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-09 04:45:08,264 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 4 [2024-11-09 04:45:08,266 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:45:08,267 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1] [2024-11-09 04:45:08,268 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting ULTIMATE.startErr32REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:45:08,275 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:45:08,277 INFO L85 PathProgramCache]: Analyzing trace with hash 444493, now seen corresponding path program 1 times [2024-11-09 04:45:08,291 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:45:08,292 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1946708800] [2024-11-09 04:45:08,293 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:08,294 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:45:08,498 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:08,579 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 04:45:08,580 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:45:08,580 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1946708800] [2024-11-09 04:45:08,582 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1946708800] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 04:45:08,582 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 04:45:08,582 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-09 04:45:08,585 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2029608227] [2024-11-09 04:45:08,586 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 04:45:08,593 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-09 04:45:08,594 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:45:08,643 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-09 04:45:08,644 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 04:45:08,649 INFO L87 Difference]: Start difference. First operand has 206 states, 104 states have (on average 2.1346153846153846) internal successors, (222), 191 states have internal predecessors, (222), 12 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 1.5) internal successors, (3), 2 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 04:45:08,808 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:45:08,808 INFO L93 Difference]: Finished difference Result 206 states and 236 transitions. [2024-11-09 04:45:08,809 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-09 04:45:08,811 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 1.5) internal successors, (3), 2 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 3 [2024-11-09 04:45:08,811 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:45:08,823 INFO L225 Difference]: With dead ends: 206 [2024-11-09 04:45:08,823 INFO L226 Difference]: Without dead ends: 205 [2024-11-09 04:45:08,825 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 04:45:08,831 INFO L432 NwaCegarLoop]: 212 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 24 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 212 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 24 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 04:45:08,833 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 212 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 24 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 04:45:08,853 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 205 states. [2024-11-09 04:45:08,884 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 205 to 205. [2024-11-09 04:45:08,888 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 205 states, 104 states have (on average 2.0288461538461537) internal successors, (211), 190 states have internal predecessors, (211), 12 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-09 04:45:08,897 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 205 states to 205 states and 235 transitions. [2024-11-09 04:45:08,899 INFO L78 Accepts]: Start accepts. Automaton has 205 states and 235 transitions. Word has length 3 [2024-11-09 04:45:08,899 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:45:08,902 INFO L471 AbstractCegarLoop]: Abstraction has 205 states and 235 transitions. [2024-11-09 04:45:08,903 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 1.5) internal successors, (3), 2 states have internal predecessors, (3), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 04:45:08,904 INFO L276 IsEmpty]: Start isEmpty. Operand 205 states and 235 transitions. [2024-11-09 04:45:08,905 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 6 [2024-11-09 04:45:08,905 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:45:08,905 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1] [2024-11-09 04:45:08,905 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-09 04:45:08,906 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting zalloc_or_dieErr0ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:45:08,907 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:45:08,908 INFO L85 PathProgramCache]: Analyzing trace with hash 423544946, now seen corresponding path program 1 times [2024-11-09 04:45:08,908 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:45:08,908 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [677315855] [2024-11-09 04:45:08,908 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:08,909 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:45:08,956 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:09,125 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 04:45:09,125 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:45:09,127 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [677315855] [2024-11-09 04:45:09,127 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [677315855] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 04:45:09,127 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 04:45:09,129 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-09 04:45:09,130 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1795600699] [2024-11-09 04:45:09,130 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 04:45:09,131 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 04:45:09,132 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:45:09,133 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 04:45:09,133 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 04:45:09,134 INFO L87 Difference]: Start difference. First operand 205 states and 235 transitions. Second operand has 3 states, 2 states have (on average 2.0) internal successors, (4), 3 states have internal predecessors, (4), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 04:45:09,449 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:45:09,450 INFO L93 Difference]: Finished difference Result 204 states and 234 transitions. [2024-11-09 04:45:09,450 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 04:45:09,451 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 2 states have (on average 2.0) internal successors, (4), 3 states have internal predecessors, (4), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 5 [2024-11-09 04:45:09,451 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:45:09,453 INFO L225 Difference]: With dead ends: 204 [2024-11-09 04:45:09,453 INFO L226 Difference]: Without dead ends: 204 [2024-11-09 04:45:09,453 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 04:45:09,455 INFO L432 NwaCegarLoop]: 207 mSDtfsCounter, 3 mSDsluCounter, 148 mSDsCounter, 0 mSdLazyCounter, 109 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 355 SdHoareTripleChecker+Invalid, 109 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 109 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-09 04:45:09,456 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 355 Invalid, 109 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 109 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-09 04:45:09,457 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 204 states. [2024-11-09 04:45:09,475 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 204 to 204. [2024-11-09 04:45:09,476 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 204 states, 104 states have (on average 2.019230769230769) internal successors, (210), 189 states have internal predecessors, (210), 12 states have call successors, (12), 2 states have call predecessors, (12), 2 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-09 04:45:09,481 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 204 states to 204 states and 234 transitions. [2024-11-09 04:45:09,482 INFO L78 Accepts]: Start accepts. Automaton has 204 states and 234 transitions. Word has length 5 [2024-11-09 04:45:09,485 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:45:09,485 INFO L471 AbstractCegarLoop]: Abstraction has 204 states and 234 transitions. [2024-11-09 04:45:09,485 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 2 states have (on average 2.0) internal successors, (4), 3 states have internal predecessors, (4), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 04:45:09,486 INFO L276 IsEmpty]: Start isEmpty. Operand 204 states and 234 transitions. [2024-11-09 04:45:09,486 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 7 [2024-11-09 04:45:09,486 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:45:09,486 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1] [2024-11-09 04:45:09,487 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-09 04:45:09,487 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting zalloc_or_dieErr1ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:45:09,488 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:45:09,488 INFO L85 PathProgramCache]: Analyzing trace with hash 244991849, now seen corresponding path program 1 times [2024-11-09 04:45:09,492 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:45:09,493 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [58382193] [2024-11-09 04:45:09,493 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:09,493 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:45:09,563 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2024-11-09 04:45:09,570 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [805746989] [2024-11-09 04:45:09,573 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:09,574 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:09,574 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:45:09,579 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:45:09,581 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-09 04:45:09,716 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:09,720 INFO L255 TraceCheckSpWp]: Trace formula consists of 83 conjuncts, 24 conjuncts are in the unsatisfiable core [2024-11-09 04:45:09,729 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:45:09,856 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2024-11-09 04:45:09,894 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 04:45:09,894 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-09 04:45:09,895 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:45:09,895 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [58382193] [2024-11-09 04:45:09,896 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2024-11-09 04:45:09,896 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [805746989] [2024-11-09 04:45:09,897 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [805746989] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 04:45:09,897 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 04:45:09,897 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 04:45:09,898 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1028871559] [2024-11-09 04:45:09,898 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 04:45:09,898 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-09 04:45:09,899 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:45:09,900 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-09 04:45:09,900 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-09 04:45:09,900 INFO L87 Difference]: Start difference. First operand 204 states and 234 transitions. Second operand has 4 states, 3 states have (on average 1.6666666666666667) internal successors, (5), 3 states have internal predecessors, (5), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 04:45:10,208 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:45:10,209 INFO L93 Difference]: Finished difference Result 209 states and 239 transitions. [2024-11-09 04:45:10,209 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-09 04:45:10,210 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 1.6666666666666667) internal successors, (5), 3 states have internal predecessors, (5), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 6 [2024-11-09 04:45:10,210 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:45:10,211 INFO L225 Difference]: With dead ends: 209 [2024-11-09 04:45:10,212 INFO L226 Difference]: Without dead ends: 209 [2024-11-09 04:45:10,212 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-09 04:45:10,214 INFO L432 NwaCegarLoop]: 202 mSDtfsCounter, 7 mSDsluCounter, 355 mSDsCounter, 0 mSdLazyCounter, 140 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 7 SdHoareTripleChecker+Valid, 557 SdHoareTripleChecker+Invalid, 144 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 140 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-09 04:45:10,215 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [7 Valid, 557 Invalid, 144 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 140 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-09 04:45:10,216 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 209 states. [2024-11-09 04:45:10,236 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 209 to 209. [2024-11-09 04:45:10,241 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 209 states, 108 states have (on average 1.9907407407407407) internal successors, (215), 193 states have internal predecessors, (215), 12 states have call successors, (12), 3 states have call predecessors, (12), 3 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-09 04:45:10,244 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 209 states to 209 states and 239 transitions. [2024-11-09 04:45:10,248 INFO L78 Accepts]: Start accepts. Automaton has 209 states and 239 transitions. Word has length 6 [2024-11-09 04:45:10,249 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:45:10,249 INFO L471 AbstractCegarLoop]: Abstraction has 209 states and 239 transitions. [2024-11-09 04:45:10,249 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 1.6666666666666667) internal successors, (5), 3 states have internal predecessors, (5), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 04:45:10,250 INFO L276 IsEmpty]: Start isEmpty. Operand 209 states and 239 transitions. [2024-11-09 04:45:10,251 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2024-11-09 04:45:10,251 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:45:10,251 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:45:10,283 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-09 04:45:10,452 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:10,453 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting zalloc_or_dieErr1ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:45:10,454 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:45:10,454 INFO L85 PathProgramCache]: Analyzing trace with hash -1395073525, now seen corresponding path program 1 times [2024-11-09 04:45:10,454 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:45:10,455 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1660821297] [2024-11-09 04:45:10,455 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:10,455 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:45:10,580 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2024-11-09 04:45:10,588 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [567622069] [2024-11-09 04:45:10,588 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:10,589 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:10,589 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:45:10,591 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:45:10,594 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-09 04:45:10,983 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:10,990 INFO L255 TraceCheckSpWp]: Trace formula consists of 455 conjuncts, 29 conjuncts are in the unsatisfiable core [2024-11-09 04:45:11,003 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:45:11,081 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2024-11-09 04:45:11,144 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-09 04:45:11,217 INFO L134 CoverageAnalysis]: Checked inductivity of 65 backedges. 31 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2024-11-09 04:45:11,220 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-09 04:45:11,221 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:45:11,221 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1660821297] [2024-11-09 04:45:11,221 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2024-11-09 04:45:11,221 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [567622069] [2024-11-09 04:45:11,222 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [567622069] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 04:45:11,222 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 04:45:11,222 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 04:45:11,222 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1627370785] [2024-11-09 04:45:11,222 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 04:45:11,223 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 04:45:11,223 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:45:11,226 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 04:45:11,229 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 04:45:11,229 INFO L87 Difference]: Start difference. First operand 209 states and 239 transitions. Second operand has 5 states, 4 states have (on average 5.5) internal successors, (22), 5 states have internal predecessors, (22), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 1 states have call successors, (5) [2024-11-09 04:45:11,576 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:45:11,576 INFO L93 Difference]: Finished difference Result 213 states and 243 transitions. [2024-11-09 04:45:11,577 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 04:45:11,577 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 5.5) internal successors, (22), 5 states have internal predecessors, (22), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 1 states have call successors, (5) Word has length 45 [2024-11-09 04:45:11,578 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:45:11,579 INFO L225 Difference]: With dead ends: 213 [2024-11-09 04:45:11,579 INFO L226 Difference]: Without dead ends: 211 [2024-11-09 04:45:11,580 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 45 GetRequests, 41 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2024-11-09 04:45:11,581 INFO L432 NwaCegarLoop]: 207 mSDtfsCounter, 3 mSDsluCounter, 555 mSDsCounter, 0 mSdLazyCounter, 169 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 762 SdHoareTripleChecker+Invalid, 174 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 169 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-09 04:45:11,582 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 762 Invalid, 174 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 169 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-09 04:45:11,583 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 211 states. [2024-11-09 04:45:11,592 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 211 to 211. [2024-11-09 04:45:11,592 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 211 states, 110 states have (on average 1.9727272727272727) internal successors, (217), 195 states have internal predecessors, (217), 12 states have call successors, (12), 3 states have call predecessors, (12), 3 states have return successors, (12), 12 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-09 04:45:11,595 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 211 states to 211 states and 241 transitions. [2024-11-09 04:45:11,595 INFO L78 Accepts]: Start accepts. Automaton has 211 states and 241 transitions. Word has length 45 [2024-11-09 04:45:11,596 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:45:11,596 INFO L471 AbstractCegarLoop]: Abstraction has 211 states and 241 transitions. [2024-11-09 04:45:11,596 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 5.5) internal successors, (22), 5 states have internal predecessors, (22), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 1 states have call successors, (5) [2024-11-09 04:45:11,597 INFO L276 IsEmpty]: Start isEmpty. Operand 211 states and 241 transitions. [2024-11-09 04:45:11,598 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-09 04:45:11,598 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:45:11,598 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 5, 5, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:45:11,627 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-09 04:45:11,799 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:11,799 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting zalloc_or_dieErr1ASSERT_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:45:11,800 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:45:11,800 INFO L85 PathProgramCache]: Analyzing trace with hash -564201162, now seen corresponding path program 1 times [2024-11-09 04:45:11,800 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:45:11,800 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [808346355] [2024-11-09 04:45:11,801 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:11,801 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:45:12,225 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2024-11-09 04:45:12,240 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [1353911463] [2024-11-09 04:45:12,244 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:12,245 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:12,245 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:45:12,249 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:45:12,251 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-11-09 04:45:12,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:12,687 INFO L255 TraceCheckSpWp]: Trace formula consists of 530 conjuncts, 38 conjuncts are in the unsatisfiable core [2024-11-09 04:45:12,695 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:45:12,776 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2024-11-09 04:45:12,830 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-09 04:45:12,974 INFO L134 CoverageAnalysis]: Checked inductivity of 100 backedges. 41 proven. 16 refuted. 0 times theorem prover too weak. 43 trivial. 0 not checked. [2024-11-09 04:45:12,975 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:45:13,434 INFO L134 CoverageAnalysis]: Checked inductivity of 100 backedges. 43 proven. 1 refuted. 0 times theorem prover too weak. 56 trivial. 0 not checked. [2024-11-09 04:45:13,435 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:45:13,435 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [808346355] [2024-11-09 04:45:13,435 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2024-11-09 04:45:13,437 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1353911463] [2024-11-09 04:45:13,437 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1353911463] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 04:45:13,437 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [931103556] [2024-11-09 04:45:13,471 INFO L159 IcfgInterpreter]: Started Sifa with 23 locations of interest [2024-11-09 04:45:13,473 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:45:13,480 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:45:13,490 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:45:13,491 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:45:17,281 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:45:17,706 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:45:24,659 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSifa [931103556] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 04:45:24,660 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2024-11-09 04:45:24,660 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [20] imperfect sequences [8, 6] total 32 [2024-11-09 04:45:24,660 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [458643] [2024-11-09 04:45:24,661 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 04:45:24,661 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 22 states [2024-11-09 04:45:24,661 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:45:24,662 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 22 interpolants. [2024-11-09 04:45:24,664 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=140, Invalid=852, Unknown=0, NotChecked=0, Total=992 [2024-11-09 04:45:24,664 INFO L87 Difference]: Start difference. First operand 211 states and 241 transitions. Second operand has 22 states, 14 states have (on average 1.2142857142857142) internal successors, (17), 15 states have internal predecessors, (17), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) [2024-11-09 04:45:27,760 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:45:27,761 INFO L93 Difference]: Finished difference Result 285 states and 331 transitions. [2024-11-09 04:45:27,761 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-11-09 04:45:27,762 INFO L78 Accepts]: Start accepts. Automaton has has 22 states, 14 states have (on average 1.2142857142857142) internal successors, (17), 15 states have internal predecessors, (17), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) Word has length 50 [2024-11-09 04:45:27,763 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:45:27,764 INFO L225 Difference]: With dead ends: 285 [2024-11-09 04:45:27,764 INFO L226 Difference]: Without dead ends: 285 [2024-11-09 04:45:27,765 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 149 GetRequests, 111 SyntacticMatches, 7 SemanticMatches, 31 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 258 ImplicationChecksByTransitivity, 7.3s TimeCoverageRelationStatistics Valid=147, Invalid=909, Unknown=0, NotChecked=0, Total=1056 [2024-11-09 04:45:27,767 INFO L432 NwaCegarLoop]: 154 mSDtfsCounter, 106 mSDsluCounter, 1077 mSDsCounter, 0 mSdLazyCounter, 1285 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 107 SdHoareTripleChecker+Valid, 1231 SdHoareTripleChecker+Invalid, 1288 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 1285 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.9s IncrementalHoareTripleChecker+Time [2024-11-09 04:45:27,768 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [107 Valid, 1231 Invalid, 1288 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 1285 Invalid, 0 Unknown, 0 Unchecked, 2.9s Time] [2024-11-09 04:45:27,769 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2024-11-09 04:45:27,781 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 256. [2024-11-09 04:45:27,782 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 256 states, 147 states have (on average 1.945578231292517) internal successors, (286), 232 states have internal predecessors, (286), 18 states have call successors, (18), 5 states have call predecessors, (18), 5 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-09 04:45:27,785 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 256 states to 256 states and 322 transitions. [2024-11-09 04:45:27,785 INFO L78 Accepts]: Start accepts. Automaton has 256 states and 322 transitions. Word has length 50 [2024-11-09 04:45:27,786 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:45:27,786 INFO L471 AbstractCegarLoop]: Abstraction has 256 states and 322 transitions. [2024-11-09 04:45:27,786 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 22 states, 14 states have (on average 1.2142857142857142) internal successors, (17), 15 states have internal predecessors, (17), 6 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (5), 5 states have call predecessors, (5), 5 states have call successors, (5) [2024-11-09 04:45:27,787 INFO L276 IsEmpty]: Start isEmpty. Operand 256 states and 322 transitions. [2024-11-09 04:45:27,788 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-09 04:45:27,788 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:45:27,789 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:45:27,819 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2024-11-09 04:45:27,992 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:27,993 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:45:27,994 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:45:27,994 INFO L85 PathProgramCache]: Analyzing trace with hash 938953697, now seen corresponding path program 1 times [2024-11-09 04:45:27,994 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:45:27,994 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1198817892] [2024-11-09 04:45:27,994 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:27,994 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:45:28,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:29,096 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 61 proven. 7 refuted. 0 times theorem prover too weak. 58 trivial. 0 not checked. [2024-11-09 04:45:29,097 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:45:29,098 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1198817892] [2024-11-09 04:45:29,098 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1198817892] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:45:29,098 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [661237327] [2024-11-09 04:45:29,098 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:29,099 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:29,099 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:45:29,101 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:45:29,103 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2024-11-09 04:45:29,390 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:29,398 INFO L255 TraceCheckSpWp]: Trace formula consists of 565 conjuncts, 18 conjuncts are in the unsatisfiable core [2024-11-09 04:45:29,405 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:45:29,503 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|)) is different from true [2024-11-09 04:45:29,538 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2024-11-09 04:45:29,539 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2024-11-09 04:45:29,556 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 61 proven. 1 refuted. 0 times theorem prover too weak. 58 trivial. 6 not checked. [2024-11-09 04:45:29,556 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:45:29,837 INFO L349 Elim1Store]: treesize reduction 5, result has 37.5 percent of original size [2024-11-09 04:45:29,837 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 11 [2024-11-09 04:45:29,865 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 61 proven. 7 refuted. 0 times theorem prover too weak. 58 trivial. 0 not checked. [2024-11-09 04:45:29,865 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [661237327] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 04:45:29,866 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1139659160] [2024-11-09 04:45:29,869 INFO L159 IcfgInterpreter]: Started Sifa with 24 locations of interest [2024-11-09 04:45:29,869 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:45:29,870 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:45:29,870 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:45:29,870 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:45:30,986 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:45:31,251 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:45:33,345 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '3237#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (exists ((|v_ULTIMATE.start_l4_insert_~item~0#1.base_21| Int)) (not (= (select |#valid| |v_ULTIMATE.start_l4_insert_~item~0#1.base_21|) 1))) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (not (= |ULTIMATE.start_l4_insert_#t~ret7#1.base| 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_90| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_65| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_57| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_70| Int)) (and (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_65| 0) (= |ULTIMATE.start_l4_insert_#t~ret7#1.offset| 0) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_90|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_70| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_90| 4294967296)) (= 0 |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_57|))))' at error location [2024-11-09 04:45:33,346 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:45:33,346 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 04:45:33,346 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 9, 8] total 14 [2024-11-09 04:45:33,346 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1661799671] [2024-11-09 04:45:33,346 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 04:45:33,347 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-09 04:45:33,347 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:45:33,348 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-09 04:45:33,349 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=101, Invalid=832, Unknown=1, NotChecked=58, Total=992 [2024-11-09 04:45:33,350 INFO L87 Difference]: Start difference. First operand 256 states and 322 transitions. Second operand has 15 states, 12 states have (on average 3.5) internal successors, (42), 13 states have internal predecessors, (42), 2 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) [2024-11-09 04:45:34,269 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:45:34,270 INFO L93 Difference]: Finished difference Result 346 states and 430 transitions. [2024-11-09 04:45:34,270 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-09 04:45:34,271 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 12 states have (on average 3.5) internal successors, (42), 13 states have internal predecessors, (42), 2 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) Word has length 54 [2024-11-09 04:45:34,271 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:45:34,276 INFO L225 Difference]: With dead ends: 346 [2024-11-09 04:45:34,276 INFO L226 Difference]: Without dead ends: 346 [2024-11-09 04:45:34,277 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 174 GetRequests, 130 SyntacticMatches, 11 SemanticMatches, 33 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 308 ImplicationChecksByTransitivity, 2.4s TimeCoverageRelationStatistics Valid=125, Invalid=1000, Unknown=1, NotChecked=64, Total=1190 [2024-11-09 04:45:34,279 INFO L432 NwaCegarLoop]: 174 mSDtfsCounter, 316 mSDsluCounter, 1133 mSDsCounter, 0 mSdLazyCounter, 824 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 316 SdHoareTripleChecker+Valid, 1307 SdHoareTripleChecker+Invalid, 1198 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 824 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 340 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-09 04:45:34,280 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [316 Valid, 1307 Invalid, 1198 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 824 Invalid, 0 Unknown, 340 Unchecked, 0.8s Time] [2024-11-09 04:45:34,282 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 346 states. [2024-11-09 04:45:34,300 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 346 to 254. [2024-11-09 04:45:34,301 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 254 states, 147 states have (on average 1.9183673469387754) internal successors, (282), 230 states have internal predecessors, (282), 18 states have call successors, (18), 5 states have call predecessors, (18), 5 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-09 04:45:34,304 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 254 states to 254 states and 318 transitions. [2024-11-09 04:45:34,304 INFO L78 Accepts]: Start accepts. Automaton has 254 states and 318 transitions. Word has length 54 [2024-11-09 04:45:34,305 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:45:34,305 INFO L471 AbstractCegarLoop]: Abstraction has 254 states and 318 transitions. [2024-11-09 04:45:34,305 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 12 states have (on average 3.5) internal successors, (42), 13 states have internal predecessors, (42), 2 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) [2024-11-09 04:45:34,305 INFO L276 IsEmpty]: Start isEmpty. Operand 254 states and 318 transitions. [2024-11-09 04:45:34,306 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-09 04:45:34,307 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:45:34,307 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:45:34,340 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2024-11-09 04:45:34,507 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5,5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:34,508 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:45:34,508 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:45:34,508 INFO L85 PathProgramCache]: Analyzing trace with hash 938953698, now seen corresponding path program 1 times [2024-11-09 04:45:34,509 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:45:34,509 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1368485300] [2024-11-09 04:45:34,509 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:34,509 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:45:34,745 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2024-11-09 04:45:34,752 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [1337787586] [2024-11-09 04:45:34,753 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:34,753 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:34,753 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:45:34,755 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:45:34,757 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2024-11-09 04:45:35,068 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:35,072 INFO L255 TraceCheckSpWp]: Trace formula consists of 565 conjuncts, 48 conjuncts are in the unsatisfiable core [2024-11-09 04:45:35,082 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:45:35,109 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2024-11-09 04:45:35,320 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 04:45:35,355 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 04:45:35,356 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 9 [2024-11-09 04:45:35,367 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 04:45:35,368 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 04:45:35,391 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 61 proven. 0 refuted. 0 times theorem prover too weak. 58 trivial. 7 not checked. [2024-11-09 04:45:35,392 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:45:35,522 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:45:35,523 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1368485300] [2024-11-09 04:45:35,523 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2024-11-09 04:45:35,523 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1337787586] [2024-11-09 04:45:35,523 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1337787586] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:45:35,523 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [93052718] [2024-11-09 04:45:35,527 INFO L159 IcfgInterpreter]: Started Sifa with 24 locations of interest [2024-11-09 04:45:35,527 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:45:35,527 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:45:35,528 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:45:35,528 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:45:36,503 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:45:36,795 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:45:38,744 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4039#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (not (= |ULTIMATE.start_l4_insert_#t~ret7#1.base| 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_79| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_75| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_66| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_106| Int)) (and (= |ULTIMATE.start_l4_insert_#t~ret7#1.offset| 0) (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_75| 0) (= 0 |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_66|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_79| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_106| 4294967296)) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_106|))))' at error location [2024-11-09 04:45:38,745 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:45:38,745 INFO L185 FreeRefinementEngine]: Found 0 perfect and 1 imperfect interpolant sequences. [2024-11-09 04:45:38,745 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10] total 10 [2024-11-09 04:45:38,745 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1134538028] [2024-11-09 04:45:38,745 INFO L85 oduleStraightlineAll]: Using 1 imperfect interpolants to construct interpolant automaton [2024-11-09 04:45:38,746 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2024-11-09 04:45:38,746 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:45:38,747 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2024-11-09 04:45:38,747 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=85, Invalid=674, Unknown=1, NotChecked=52, Total=812 [2024-11-09 04:45:38,748 INFO L87 Difference]: Start difference. First operand 254 states and 318 transitions. Second operand has 11 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-09 04:45:40,339 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:45:40,339 INFO L93 Difference]: Finished difference Result 344 states and 426 transitions. [2024-11-09 04:45:40,340 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-09 04:45:40,340 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 54 [2024-11-09 04:45:40,341 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:45:40,343 INFO L225 Difference]: With dead ends: 344 [2024-11-09 04:45:40,343 INFO L226 Difference]: Without dead ends: 344 [2024-11-09 04:45:40,344 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 112 GetRequests, 76 SyntacticMatches, 6 SemanticMatches, 30 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 202 ImplicationChecksByTransitivity, 2.3s TimeCoverageRelationStatistics Valid=98, Invalid=835, Unknown=1, NotChecked=58, Total=992 [2024-11-09 04:45:40,345 INFO L432 NwaCegarLoop]: 92 mSDtfsCounter, 118 mSDsluCounter, 228 mSDsCounter, 0 mSdLazyCounter, 1261 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 118 SdHoareTripleChecker+Valid, 320 SdHoareTripleChecker+Invalid, 1612 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 1261 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 337 IncrementalHoareTripleChecker+Unchecked, 1.4s IncrementalHoareTripleChecker+Time [2024-11-09 04:45:40,345 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [118 Valid, 320 Invalid, 1612 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 1261 Invalid, 0 Unknown, 337 Unchecked, 1.4s Time] [2024-11-09 04:45:40,347 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 344 states. [2024-11-09 04:45:40,355 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 344 to 252. [2024-11-09 04:45:40,356 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 252 states, 147 states have (on average 1.8911564625850341) internal successors, (278), 228 states have internal predecessors, (278), 18 states have call successors, (18), 5 states have call predecessors, (18), 5 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-09 04:45:40,359 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 252 states to 252 states and 314 transitions. [2024-11-09 04:45:40,359 INFO L78 Accepts]: Start accepts. Automaton has 252 states and 314 transitions. Word has length 54 [2024-11-09 04:45:40,359 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:45:40,360 INFO L471 AbstractCegarLoop]: Abstraction has 252 states and 314 transitions. [2024-11-09 04:45:40,360 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-09 04:45:40,360 INFO L276 IsEmpty]: Start isEmpty. Operand 252 states and 314 transitions. [2024-11-09 04:45:40,361 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-09 04:45:40,362 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:45:40,362 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:45:40,390 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2024-11-09 04:45:40,562 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:40,563 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:45:40,563 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:45:40,563 INFO L85 PathProgramCache]: Analyzing trace with hash -957194336, now seen corresponding path program 1 times [2024-11-09 04:45:40,564 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:45:40,564 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [673487868] [2024-11-09 04:45:40,564 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:40,564 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:45:40,639 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:41,491 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 77 proven. 15 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2024-11-09 04:45:41,491 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:45:41,491 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [673487868] [2024-11-09 04:45:41,492 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [673487868] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:45:41,492 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1025218522] [2024-11-09 04:45:41,492 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:41,492 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:41,493 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:45:41,494 INFO L229 MonitoredProcess]: Starting monitored process 7 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:45:41,495 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2024-11-09 04:45:41,725 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:41,728 INFO L255 TraceCheckSpWp]: Trace formula consists of 581 conjuncts, 29 conjuncts are in the unsatisfiable core [2024-11-09 04:45:41,731 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:45:41,767 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= |c_#valid| (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 04:45:41,800 INFO L349 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2024-11-09 04:45:41,801 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 16 [2024-11-09 04:45:41,829 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|)) is different from true [2024-11-09 04:45:41,849 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2024-11-09 04:45:41,850 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2024-11-09 04:45:41,866 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 71 proven. 1 refuted. 0 times theorem prover too weak. 34 trivial. 20 not checked. [2024-11-09 04:45:41,866 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:45:42,125 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1025218522] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:45:42,126 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1105923565] [2024-11-09 04:45:42,129 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 04:45:42,129 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:45:42,129 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:45:42,129 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:45:42,130 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:45:43,308 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:45:43,546 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:45:48,149 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4874#(and (exists ((|v_ULTIMATE.start_l4_insert_~list#1.base_14| Int)) (not (= (select |#valid| |v_ULTIMATE.start_l4_insert_~list#1.base_14|) 1))) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (exists ((|v_#memory_int_157| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_157| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_157| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (exists ((|v_#memory_$Pointer$.offset_199| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_199| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_199| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_79| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_92| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_91| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_128| Int)) (and (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_91| 0) (= 0 |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_79|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_92| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_128| 4294967296)) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_128|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0))) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (exists ((|v_#memory_$Pointer$.base_199| (Array Int (Array Int Int)))) (= (store |v_#memory_$Pointer$.base_199| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_199| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))) |#memory_$Pointer$.base|)))' at error location [2024-11-09 04:45:48,149 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:45:48,149 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 04:45:48,149 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 11] total 18 [2024-11-09 04:45:48,149 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [390754952] [2024-11-09 04:45:48,149 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 04:45:48,150 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2024-11-09 04:45:48,150 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:45:48,151 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2024-11-09 04:45:48,151 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=125, Invalid=1286, Unknown=3, NotChecked=146, Total=1560 [2024-11-09 04:45:48,152 INFO L87 Difference]: Start difference. First operand 252 states and 314 transitions. Second operand has 19 states, 15 states have (on average 3.2666666666666666) internal successors, (49), 16 states have internal predecessors, (49), 3 states have call successors, (7), 2 states have call predecessors, (7), 6 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 04:45:49,470 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:45:49,470 INFO L93 Difference]: Finished difference Result 341 states and 420 transitions. [2024-11-09 04:45:49,471 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-09 04:45:49,471 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 15 states have (on average 3.2666666666666666) internal successors, (49), 16 states have internal predecessors, (49), 3 states have call successors, (7), 2 states have call predecessors, (7), 6 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) Word has length 55 [2024-11-09 04:45:49,472 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:45:49,473 INFO L225 Difference]: With dead ends: 341 [2024-11-09 04:45:49,473 INFO L226 Difference]: Without dead ends: 341 [2024-11-09 04:45:49,474 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 141 GetRequests, 90 SyntacticMatches, 10 SemanticMatches, 41 ConstructedPredicates, 2 IntricatePredicates, 0 DeprecatedPredicates, 515 ImplicationChecksByTransitivity, 5.1s TimeCoverageRelationStatistics Valid=150, Invalid=1495, Unknown=3, NotChecked=158, Total=1806 [2024-11-09 04:45:49,475 INFO L432 NwaCegarLoop]: 165 mSDtfsCounter, 528 mSDsluCounter, 1508 mSDsCounter, 0 mSdLazyCounter, 1160 mSolverCounterSat, 57 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 528 SdHoareTripleChecker+Valid, 1673 SdHoareTripleChecker+Invalid, 1886 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 57 IncrementalHoareTripleChecker+Valid, 1160 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 669 IncrementalHoareTripleChecker+Unchecked, 1.1s IncrementalHoareTripleChecker+Time [2024-11-09 04:45:49,476 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [528 Valid, 1673 Invalid, 1886 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [57 Valid, 1160 Invalid, 0 Unknown, 669 Unchecked, 1.1s Time] [2024-11-09 04:45:49,478 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 341 states. [2024-11-09 04:45:49,486 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 341 to 249. [2024-11-09 04:45:49,489 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 249 states, 147 states have (on average 1.8503401360544218) internal successors, (272), 225 states have internal predecessors, (272), 18 states have call successors, (18), 5 states have call predecessors, (18), 5 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-09 04:45:49,491 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 249 states to 249 states and 308 transitions. [2024-11-09 04:45:49,492 INFO L78 Accepts]: Start accepts. Automaton has 249 states and 308 transitions. Word has length 55 [2024-11-09 04:45:49,493 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:45:49,495 INFO L471 AbstractCegarLoop]: Abstraction has 249 states and 308 transitions. [2024-11-09 04:45:49,495 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 15 states have (on average 3.2666666666666666) internal successors, (49), 16 states have internal predecessors, (49), 3 states have call successors, (7), 2 states have call predecessors, (7), 6 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 04:45:49,496 INFO L276 IsEmpty]: Start isEmpty. Operand 249 states and 308 transitions. [2024-11-09 04:45:49,496 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-09 04:45:49,496 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:45:49,497 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:45:49,522 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2024-11-09 04:45:49,697 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,7 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:49,698 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:45:49,699 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:45:49,699 INFO L85 PathProgramCache]: Analyzing trace with hash -957194335, now seen corresponding path program 1 times [2024-11-09 04:45:49,699 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:45:49,700 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1016155768] [2024-11-09 04:45:49,700 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:49,701 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:45:49,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:51,163 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 66 proven. 18 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2024-11-09 04:45:51,163 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:45:51,164 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1016155768] [2024-11-09 04:45:51,164 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1016155768] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:45:51,164 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [515623463] [2024-11-09 04:45:51,164 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:45:51,165 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:45:51,165 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:45:51,167 INFO L229 MonitoredProcess]: Starting monitored process 8 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:45:51,170 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2024-11-09 04:45:51,511 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:45:51,516 INFO L255 TraceCheckSpWp]: Trace formula consists of 581 conjuncts, 42 conjuncts are in the unsatisfiable core [2024-11-09 04:45:51,521 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:45:51,568 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 04:45:52,439 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 04:45:52,489 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 04:45:52,490 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2024-11-09 04:45:52,517 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 04:45:52,518 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 04:45:52,648 INFO L134 CoverageAnalysis]: Checked inductivity of 126 backedges. 58 proven. 9 refuted. 0 times theorem prover too weak. 50 trivial. 9 not checked. [2024-11-09 04:45:52,648 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:45:52,795 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [515623463] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:45:52,795 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1014497376] [2024-11-09 04:45:52,798 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 04:45:52,798 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:45:52,799 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:45:52,799 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:45:52,799 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:45:55,864 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:45:56,140 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:46:28,071 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '5685#(and (exists ((|v_#memory_$Pointer$.offset_210| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_210| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_210| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 0)))) (exists ((|v_#memory_int_168| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_168| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_168| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l4_insert_~item~0#1.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (exists ((|v_ULTIMATE.start_l4_insert_~list#1.base_15| Int)) (and (<= (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_15|) 3) (or (and (exists ((|v_#length_BEFORE_CALL_124| (Array Int Int))) (and (= 14 (select |v_#length_BEFORE_CALL_124| 2)) (= (select |v_#length_BEFORE_CALL_124| 1) 2) (= (select |v_#length_BEFORE_CALL_124| 3) 4))) (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_15|) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_102| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_146| Int)) (and (or (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_146|) (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_146| 0)) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_102| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_146| 4294967296)))) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (exists ((|v_#memory_int_BEFORE_CALL_120| (Array Int (Array Int Int)))) (and (= (select (select |v_#memory_int_BEFORE_CALL_120| 1) 1) 0) (= (select (select |v_#memory_int_BEFORE_CALL_120| 1) 0) 48))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_120| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_120| 3) 0) 0)) (exists ((|v_old(#memory_$Pointer$.base)_AFTER_CALL_83| (Array Int (Array Int Int)))) (= (select (select |v_old(#memory_$Pointer$.base)_AFTER_CALL_83| 3) 0) 0)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0))) (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_15|) (exists ((|v_#length_BEFORE_CALL_122| (Array Int Int))) (and (= 14 (select |v_#length_BEFORE_CALL_122| 2)) (= 4 (select |v_#length_BEFORE_CALL_122| 3)) (= 2 (select |v_#length_BEFORE_CALL_122| 1)))) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (exists ((|v_#memory_int_BEFORE_CALL_118| (Array Int (Array Int Int)))) (and (= (select (select |v_#memory_int_BEFORE_CALL_118| 1) 1) 0) (= (select (select |v_#memory_int_BEFORE_CALL_118| 1) 0) 48))) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_102| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_146| Int)) (and (or (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_146|) (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_146| 0)) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_102| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_146| 4294967296)))) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_old(#memory_$Pointer$.base)_AFTER_CALL_82| (Array Int (Array Int Int)))) (= (select (select |v_old(#memory_$Pointer$.base)_AFTER_CALL_82| 3) 0) 0)) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_118| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_118| 3) 0) 0)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)))))) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (<= 8 (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= |ULTIMATE.start_l3_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (exists ((|v_#memory_$Pointer$.base_210| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_210| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_210| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0))' at error location [2024-11-09 04:46:28,071 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:46:28,072 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 04:46:28,072 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 13] total 23 [2024-11-09 04:46:28,072 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1197428370] [2024-11-09 04:46:28,072 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 04:46:28,073 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 23 states [2024-11-09 04:46:28,073 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:46:28,073 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2024-11-09 04:46:28,074 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=208, Invalid=1956, Unknown=2, NotChecked=90, Total=2256 [2024-11-09 04:46:28,074 INFO L87 Difference]: Start difference. First operand 249 states and 308 transitions. Second operand has 23 states, 18 states have (on average 2.5555555555555554) internal successors, (46), 18 states have internal predecessors, (46), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 04:46:30,118 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 04:46:33,700 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:46:33,700 INFO L93 Difference]: Finished difference Result 355 states and 448 transitions. [2024-11-09 04:46:33,701 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2024-11-09 04:46:33,701 INFO L78 Accepts]: Start accepts. Automaton has has 23 states, 18 states have (on average 2.5555555555555554) internal successors, (46), 18 states have internal predecessors, (46), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) Word has length 55 [2024-11-09 04:46:33,701 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:46:33,704 INFO L225 Difference]: With dead ends: 355 [2024-11-09 04:46:33,704 INFO L226 Difference]: Without dead ends: 351 [2024-11-09 04:46:33,705 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 132 GetRequests, 74 SyntacticMatches, 7 SemanticMatches, 51 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 835 ImplicationChecksByTransitivity, 33.3s TimeCoverageRelationStatistics Valid=253, Invalid=2401, Unknown=2, NotChecked=100, Total=2756 [2024-11-09 04:46:33,706 INFO L432 NwaCegarLoop]: 99 mSDtfsCounter, 324 mSDsluCounter, 615 mSDsCounter, 0 mSdLazyCounter, 2447 mSolverCounterSat, 25 mSolverCounterUnsat, 1 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 4.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 324 SdHoareTripleChecker+Valid, 714 SdHoareTripleChecker+Invalid, 2817 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 25 IncrementalHoareTripleChecker+Valid, 2447 IncrementalHoareTripleChecker+Invalid, 1 IncrementalHoareTripleChecker+Unknown, 344 IncrementalHoareTripleChecker+Unchecked, 5.1s IncrementalHoareTripleChecker+Time [2024-11-09 04:46:33,707 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [324 Valid, 714 Invalid, 2817 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [25 Valid, 2447 Invalid, 1 Unknown, 344 Unchecked, 5.1s Time] [2024-11-09 04:46:33,708 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 351 states. [2024-11-09 04:46:33,720 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 351 to 255. [2024-11-09 04:46:33,720 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 255 states, 150 states have (on average 1.8466666666666667) internal successors, (277), 230 states have internal predecessors, (277), 19 states have call successors, (19), 5 states have call predecessors, (19), 7 states have return successors, (27), 19 states have call predecessors, (27), 18 states have call successors, (27) [2024-11-09 04:46:33,723 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 255 states to 255 states and 323 transitions. [2024-11-09 04:46:33,723 INFO L78 Accepts]: Start accepts. Automaton has 255 states and 323 transitions. Word has length 55 [2024-11-09 04:46:33,723 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:46:33,724 INFO L471 AbstractCegarLoop]: Abstraction has 255 states and 323 transitions. [2024-11-09 04:46:33,724 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 23 states, 18 states have (on average 2.5555555555555554) internal successors, (46), 18 states have internal predecessors, (46), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 04:46:33,724 INFO L276 IsEmpty]: Start isEmpty. Operand 255 states and 323 transitions. [2024-11-09 04:46:33,725 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-09 04:46:33,726 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:46:33,726 INFO L215 NwaCegarLoop]: trace histogram [7, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:46:33,754 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Ended with exit code 0 [2024-11-09 04:46:33,927 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,8 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:46:33,927 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:46:33,928 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:46:33,928 INFO L85 PathProgramCache]: Analyzing trace with hash 1929753172, now seen corresponding path program 2 times [2024-11-09 04:46:33,928 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:46:33,928 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2090613890] [2024-11-09 04:46:33,928 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:46:33,928 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:46:34,018 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:46:35,229 INFO L134 CoverageAnalysis]: Checked inductivity of 138 backedges. 72 proven. 24 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2024-11-09 04:46:35,229 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:46:35,229 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2090613890] [2024-11-09 04:46:35,229 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2090613890] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:46:35,230 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2095136018] [2024-11-09 04:46:35,230 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2024-11-09 04:46:35,230 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:46:35,230 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:46:35,232 INFO L229 MonitoredProcess]: Starting monitored process 9 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:46:35,234 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Waiting until timeout for monitored process [2024-11-09 04:46:35,589 INFO L227 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2024-11-09 04:46:35,589 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-09 04:46:35,591 INFO L255 TraceCheckSpWp]: Trace formula consists of 202 conjuncts, 29 conjuncts are in the unsatisfiable core [2024-11-09 04:46:35,596 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:46:35,610 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2024-11-09 04:46:35,675 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-09 04:46:35,843 INFO L134 CoverageAnalysis]: Checked inductivity of 138 backedges. 37 proven. 1 refuted. 0 times theorem prover too weak. 100 trivial. 0 not checked. [2024-11-09 04:46:35,843 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:46:36,253 INFO L134 CoverageAnalysis]: Checked inductivity of 138 backedges. 37 proven. 1 refuted. 0 times theorem prover too weak. 100 trivial. 0 not checked. [2024-11-09 04:46:36,253 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2095136018] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 04:46:36,253 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [651823774] [2024-11-09 04:46:36,256 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 04:46:36,256 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:46:36,256 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:46:36,256 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:46:36,257 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:46:37,344 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:46:37,593 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:46:40,661 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6681#(and (exists ((|v_#memory_int_197| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_197| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_197| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (exists ((|v_#memory_$Pointer$.offset_239| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_239| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_239| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_125| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_184| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_109| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_129| Int)) (and (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_129| 0) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_125| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_184| 4294967296)) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_184|) (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_109| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0))) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (exists ((|v_#memory_$Pointer$.base_239| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_239| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_239| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))' at error location [2024-11-09 04:46:40,661 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:46:40,662 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 04:46:40,662 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 6, 6] total 22 [2024-11-09 04:46:40,662 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [500542845] [2024-11-09 04:46:40,662 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 04:46:40,663 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 22 states [2024-11-09 04:46:40,663 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:46:40,664 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 22 interpolants. [2024-11-09 04:46:40,664 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=122, Invalid=1360, Unknown=0, NotChecked=0, Total=1482 [2024-11-09 04:46:40,665 INFO L87 Difference]: Start difference. First operand 255 states and 323 transitions. Second operand has 22 states, 17 states have (on average 2.6470588235294117) internal successors, (45), 19 states have internal predecessors, (45), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 04:46:44,917 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:46:44,917 INFO L93 Difference]: Finished difference Result 367 states and 456 transitions. [2024-11-09 04:46:44,917 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2024-11-09 04:46:44,918 INFO L78 Accepts]: Start accepts. Automaton has has 22 states, 17 states have (on average 2.6470588235294117) internal successors, (45), 19 states have internal predecessors, (45), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) Word has length 56 [2024-11-09 04:46:44,918 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:46:44,920 INFO L225 Difference]: With dead ends: 367 [2024-11-09 04:46:44,920 INFO L226 Difference]: Without dead ends: 355 [2024-11-09 04:46:44,921 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 195 GetRequests, 138 SyntacticMatches, 6 SemanticMatches, 51 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 600 ImplicationChecksByTransitivity, 4.8s TimeCoverageRelationStatistics Valid=307, Invalid=2449, Unknown=0, NotChecked=0, Total=2756 [2024-11-09 04:46:44,922 INFO L432 NwaCegarLoop]: 94 mSDtfsCounter, 244 mSDsluCounter, 749 mSDsCounter, 0 mSdLazyCounter, 2643 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 244 SdHoareTripleChecker+Valid, 843 SdHoareTripleChecker+Invalid, 2693 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 2643 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 3.0s IncrementalHoareTripleChecker+Time [2024-11-09 04:46:44,923 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [244 Valid, 843 Invalid, 2693 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 2643 Invalid, 0 Unknown, 0 Unchecked, 3.0s Time] [2024-11-09 04:46:44,924 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 355 states. [2024-11-09 04:46:44,936 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 355 to 263. [2024-11-09 04:46:44,937 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 263 states, 158 states have (on average 1.8037974683544304) internal successors, (285), 238 states have internal predecessors, (285), 19 states have call successors, (19), 5 states have call predecessors, (19), 7 states have return successors, (27), 19 states have call predecessors, (27), 18 states have call successors, (27) [2024-11-09 04:46:44,939 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 263 states to 263 states and 331 transitions. [2024-11-09 04:46:44,940 INFO L78 Accepts]: Start accepts. Automaton has 263 states and 331 transitions. Word has length 56 [2024-11-09 04:46:44,940 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:46:44,940 INFO L471 AbstractCegarLoop]: Abstraction has 263 states and 331 transitions. [2024-11-09 04:46:44,940 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 22 states, 17 states have (on average 2.6470588235294117) internal successors, (45), 19 states have internal predecessors, (45), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 04:46:44,941 INFO L276 IsEmpty]: Start isEmpty. Operand 263 states and 331 transitions. [2024-11-09 04:46:44,942 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2024-11-09 04:46:44,942 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:46:44,942 INFO L215 NwaCegarLoop]: trace histogram [15, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:46:44,973 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Ended with exit code 0 [2024-11-09 04:46:45,143 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-09 04:46:45,143 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:46:45,144 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:46:45,144 INFO L85 PathProgramCache]: Analyzing trace with hash 1552367686, now seen corresponding path program 3 times [2024-11-09 04:46:45,144 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:46:45,144 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1799380586] [2024-11-09 04:46:45,145 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:46:45,145 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:46:45,336 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:46:46,899 INFO L134 CoverageAnalysis]: Checked inductivity of 270 backedges. 137 proven. 29 refuted. 0 times theorem prover too weak. 104 trivial. 0 not checked. [2024-11-09 04:46:46,899 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:46:46,899 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1799380586] [2024-11-09 04:46:46,899 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1799380586] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:46:46,899 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [85958783] [2024-11-09 04:46:46,899 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2024-11-09 04:46:46,900 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:46:46,900 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:46:46,901 INFO L229 MonitoredProcess]: Starting monitored process 10 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:46:46,902 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (10)] Waiting until timeout for monitored process [2024-11-09 04:46:47,546 INFO L227 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2024-11-09 04:46:47,546 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-09 04:46:47,551 INFO L255 TraceCheckSpWp]: Trace formula consists of 716 conjuncts, 59 conjuncts are in the unsatisfiable core [2024-11-09 04:46:47,555 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:46:47,670 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 04:46:47,684 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2024-11-09 04:46:48,667 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_calloc_model_~ptr~0#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_calloc_model_~ptr~0#1.base| (select |c_#length| |zalloc_or_die_calloc_model_~ptr~0#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_calloc_model_~ptr~0#1.base|) 0))) is different from true [2024-11-09 04:46:48,983 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 04:46:48,984 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 9 [2024-11-09 04:46:48,996 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 04:46:48,997 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 04:46:49,039 INFO L134 CoverageAnalysis]: Checked inductivity of 270 backedges. 112 proven. 80 refuted. 0 times theorem prover too weak. 64 trivial. 14 not checked. [2024-11-09 04:46:49,039 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:46:49,223 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [85958783] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:46:49,223 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1602164777] [2024-11-09 04:46:49,226 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 04:46:49,226 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:46:49,226 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:46:49,226 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:46:49,227 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:46:50,173 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:46:50,395 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:47:05,331 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '7587#(and (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_118| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_136| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_139| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_214| Int)) (and (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_139| 0) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_136| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_214| 4294967296)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0) (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_118| 0) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_214|))) (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (exists ((|v_#memory_$Pointer$.offset_254| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_254| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_254| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (exists ((|v_#memory_int_212| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_212| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_212| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_#memory_$Pointer$.base_254| (Array Int (Array Int Int)))) (= (store |v_#memory_$Pointer$.base_254| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_254| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))) |#memory_$Pointer$.base|)) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))' at error location [2024-11-09 04:47:05,332 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:47:05,332 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 04:47:05,332 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 20] total 31 [2024-11-09 04:47:05,332 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1360446877] [2024-11-09 04:47:05,332 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 04:47:05,333 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 31 states [2024-11-09 04:47:05,333 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:47:05,334 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2024-11-09 04:47:05,335 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=164, Invalid=2191, Unknown=1, NotChecked=94, Total=2450 [2024-11-09 04:47:05,335 INFO L87 Difference]: Start difference. First operand 263 states and 331 transitions. Second operand has 31 states, 26 states have (on average 1.9615384615384615) internal successors, (51), 26 states have internal predecessors, (51), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 04:47:11,207 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:47:11,207 INFO L93 Difference]: Finished difference Result 365 states and 463 transitions. [2024-11-09 04:47:11,207 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-11-09 04:47:11,208 INFO L78 Accepts]: Start accepts. Automaton has has 31 states, 26 states have (on average 1.9615384615384615) internal successors, (51), 26 states have internal predecessors, (51), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) Word has length 64 [2024-11-09 04:47:11,208 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:47:11,210 INFO L225 Difference]: With dead ends: 365 [2024-11-09 04:47:11,210 INFO L226 Difference]: Without dead ends: 361 [2024-11-09 04:47:11,212 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 153 GetRequests, 90 SyntacticMatches, 7 SemanticMatches, 56 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 1036 ImplicationChecksByTransitivity, 18.0s TimeCoverageRelationStatistics Valid=239, Invalid=2956, Unknown=1, NotChecked=110, Total=3306 [2024-11-09 04:47:11,212 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 319 mSDsluCounter, 912 mSDsCounter, 0 mSdLazyCounter, 4129 mSolverCounterSat, 24 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 3.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 319 SdHoareTripleChecker+Valid, 1020 SdHoareTripleChecker+Invalid, 4509 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 24 IncrementalHoareTripleChecker+Valid, 4129 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 356 IncrementalHoareTripleChecker+Unchecked, 4.2s IncrementalHoareTripleChecker+Time [2024-11-09 04:47:11,213 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [319 Valid, 1020 Invalid, 4509 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [24 Valid, 4129 Invalid, 0 Unknown, 356 Unchecked, 4.2s Time] [2024-11-09 04:47:11,214 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 361 states. [2024-11-09 04:47:11,224 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 361 to 265. [2024-11-09 04:47:11,225 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 265 states, 160 states have (on average 1.80625) internal successors, (289), 240 states have internal predecessors, (289), 19 states have call successors, (19), 5 states have call predecessors, (19), 7 states have return successors, (27), 19 states have call predecessors, (27), 18 states have call successors, (27) [2024-11-09 04:47:11,227 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 265 states to 265 states and 335 transitions. [2024-11-09 04:47:11,227 INFO L78 Accepts]: Start accepts. Automaton has 265 states and 335 transitions. Word has length 64 [2024-11-09 04:47:11,227 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:47:11,228 INFO L471 AbstractCegarLoop]: Abstraction has 265 states and 335 transitions. [2024-11-09 04:47:11,228 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 31 states, 26 states have (on average 1.9615384615384615) internal successors, (51), 26 states have internal predecessors, (51), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 04:47:11,228 INFO L276 IsEmpty]: Start isEmpty. Operand 265 states and 335 transitions. [2024-11-09 04:47:11,229 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2024-11-09 04:47:11,229 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:47:11,230 INFO L215 NwaCegarLoop]: trace histogram [16, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:47:11,260 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (10)] Forceful destruction successful, exit code 0 [2024-11-09 04:47:11,430 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,10 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:47:11,431 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:47:11,431 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:47:11,431 INFO L85 PathProgramCache]: Analyzing trace with hash -2020714749, now seen corresponding path program 4 times [2024-11-09 04:47:11,431 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:47:11,431 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [658325373] [2024-11-09 04:47:11,431 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:47:11,432 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:47:11,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:47:13,086 INFO L134 CoverageAnalysis]: Checked inductivity of 291 backedges. 149 proven. 38 refuted. 0 times theorem prover too weak. 104 trivial. 0 not checked. [2024-11-09 04:47:13,087 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:47:13,087 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [658325373] [2024-11-09 04:47:13,087 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [658325373] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:47:13,087 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1414097987] [2024-11-09 04:47:13,087 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2024-11-09 04:47:13,088 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:47:13,088 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:47:13,090 INFO L229 MonitoredProcess]: Starting monitored process 11 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:47:13,091 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (11)] Waiting until timeout for monitored process [2024-11-09 04:47:13,931 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:47:13,937 INFO L255 TraceCheckSpWp]: Trace formula consists of 731 conjuncts, 44 conjuncts are in the unsatisfiable core [2024-11-09 04:47:13,942 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:47:13,963 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 04:47:15,092 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 04:47:15,166 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 04:47:15,167 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 18 treesize of output 13 [2024-11-09 04:47:15,178 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 04:47:15,179 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 04:47:15,327 INFO L134 CoverageAnalysis]: Checked inductivity of 291 backedges. 149 proven. 10 refuted. 0 times theorem prover too weak. 104 trivial. 28 not checked. [2024-11-09 04:47:15,327 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:47:15,489 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1414097987] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:47:15,490 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1159651320] [2024-11-09 04:47:15,492 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 04:47:15,492 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:47:15,492 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:47:15,493 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:47:15,493 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:47:16,131 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:47:16,280 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:47:43,611 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '8481#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_#memory_$Pointer$.offset_268| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_268| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_268| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (exists ((|v_#memory_int_226| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_226| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_226| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (exists ((|v_#memory_$Pointer$.base_268| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_268| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_268| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_127| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_146| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_149| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_237| Int)) (and (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_149| 0) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_146| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_237| 4294967296)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_237|) (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_127| 0))))' at error location [2024-11-09 04:47:43,612 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:47:43,612 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 04:47:43,612 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 15] total 27 [2024-11-09 04:47:43,612 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [236662936] [2024-11-09 04:47:43,612 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 04:47:43,613 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 27 states [2024-11-09 04:47:43,613 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:47:43,613 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 27 interpolants. [2024-11-09 04:47:43,614 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=154, Invalid=1827, Unknown=3, NotChecked=86, Total=2070 [2024-11-09 04:47:43,614 INFO L87 Difference]: Start difference. First operand 265 states and 335 transitions. Second operand has 27 states, 22 states have (on average 2.090909090909091) internal successors, (46), 22 states have internal predecessors, (46), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 04:47:45,638 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 04:47:49,624 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:47:49,624 INFO L93 Difference]: Finished difference Result 371 states and 475 transitions. [2024-11-09 04:47:49,624 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2024-11-09 04:47:49,624 INFO L78 Accepts]: Start accepts. Automaton has has 27 states, 22 states have (on average 2.090909090909091) internal successors, (46), 22 states have internal predecessors, (46), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) Word has length 65 [2024-11-09 04:47:49,625 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:47:49,626 INFO L225 Difference]: With dead ends: 371 [2024-11-09 04:47:49,626 INFO L226 Difference]: Without dead ends: 367 [2024-11-09 04:47:49,627 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 156 GetRequests, 97 SyntacticMatches, 7 SemanticMatches, 52 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 880 ImplicationChecksByTransitivity, 29.3s TimeCoverageRelationStatistics Valid=231, Invalid=2526, Unknown=3, NotChecked=102, Total=2862 [2024-11-09 04:47:49,628 INFO L432 NwaCegarLoop]: 99 mSDtfsCounter, 325 mSDsluCounter, 574 mSDsCounter, 0 mSdLazyCounter, 2773 mSolverCounterSat, 26 mSolverCounterUnsat, 1 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 5.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 325 SdHoareTripleChecker+Valid, 673 SdHoareTripleChecker+Invalid, 3144 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 26 IncrementalHoareTripleChecker+Valid, 2773 IncrementalHoareTripleChecker+Invalid, 1 IncrementalHoareTripleChecker+Unknown, 344 IncrementalHoareTripleChecker+Unchecked, 5.3s IncrementalHoareTripleChecker+Time [2024-11-09 04:47:49,629 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [325 Valid, 673 Invalid, 3144 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [26 Valid, 2773 Invalid, 1 Unknown, 344 Unchecked, 5.3s Time] [2024-11-09 04:47:49,630 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 367 states. [2024-11-09 04:47:49,638 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 367 to 267. [2024-11-09 04:47:49,638 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 267 states, 162 states have (on average 1.808641975308642) internal successors, (293), 242 states have internal predecessors, (293), 19 states have call successors, (19), 5 states have call predecessors, (19), 7 states have return successors, (27), 19 states have call predecessors, (27), 18 states have call successors, (27) [2024-11-09 04:47:49,640 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 267 states to 267 states and 339 transitions. [2024-11-09 04:47:49,640 INFO L78 Accepts]: Start accepts. Automaton has 267 states and 339 transitions. Word has length 65 [2024-11-09 04:47:49,641 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:47:49,641 INFO L471 AbstractCegarLoop]: Abstraction has 267 states and 339 transitions. [2024-11-09 04:47:49,641 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 27 states, 22 states have (on average 2.090909090909091) internal successors, (46), 22 states have internal predecessors, (46), 3 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (8), 5 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 04:47:49,641 INFO L276 IsEmpty]: Start isEmpty. Operand 267 states and 339 transitions. [2024-11-09 04:47:49,642 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2024-11-09 04:47:49,642 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:47:49,642 INFO L215 NwaCegarLoop]: trace histogram [17, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:47:49,668 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (11)] Ended with exit code 0 [2024-11-09 04:47:49,846 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,11 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:47:49,847 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:47:49,847 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:47:49,847 INFO L85 PathProgramCache]: Analyzing trace with hash -1117120538, now seen corresponding path program 5 times [2024-11-09 04:47:49,847 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:47:49,848 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1000175244] [2024-11-09 04:47:49,848 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:47:49,848 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:47:49,938 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:47:51,317 INFO L134 CoverageAnalysis]: Checked inductivity of 313 backedges. 161 proven. 48 refuted. 0 times theorem prover too weak. 104 trivial. 0 not checked. [2024-11-09 04:47:51,318 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:47:51,318 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1000175244] [2024-11-09 04:47:51,318 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1000175244] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:47:51,318 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [169205607] [2024-11-09 04:47:51,318 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2024-11-09 04:47:51,318 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:47:51,318 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:47:51,320 INFO L229 MonitoredProcess]: Starting monitored process 12 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:47:51,321 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (12)] Waiting until timeout for monitored process [2024-11-09 04:47:51,750 INFO L227 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 3 check-sat command(s) [2024-11-09 04:47:51,751 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-09 04:47:51,753 INFO L255 TraceCheckSpWp]: Trace formula consists of 353 conjuncts, 35 conjuncts are in the unsatisfiable core [2024-11-09 04:47:51,756 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:47:51,769 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 7 [2024-11-09 04:47:51,824 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-09 04:47:52,065 INFO L134 CoverageAnalysis]: Checked inductivity of 313 backedges. 105 proven. 10 refuted. 0 times theorem prover too weak. 198 trivial. 0 not checked. [2024-11-09 04:47:52,065 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:47:52,536 INFO L134 CoverageAnalysis]: Checked inductivity of 313 backedges. 105 proven. 10 refuted. 0 times theorem prover too weak. 198 trivial. 0 not checked. [2024-11-09 04:47:52,536 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [169205607] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 04:47:52,536 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1837913567] [2024-11-09 04:47:52,542 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 04:47:52,542 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:47:52,542 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:47:52,542 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:47:52,542 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:47:53,236 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:47:53,341 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:47:56,456 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '9573#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (exists ((|v_#memory_int_267| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_267| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_267| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (exists ((|v_#memory_$Pointer$.offset_309| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_309| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_309| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_294| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_173| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_152| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_181| Int)) (and (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_181| 0) (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_152| 0) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_294|) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_173| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_294| 4294967296)))) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (exists ((|v_#memory_$Pointer$.base_309| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_309| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_309| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))))' at error location [2024-11-09 04:47:56,456 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:47:56,456 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 04:47:56,456 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 9, 9] total 30 [2024-11-09 04:47:56,456 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2049386354] [2024-11-09 04:47:56,456 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 04:47:56,457 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 30 states [2024-11-09 04:47:56,457 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:47:56,457 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2024-11-09 04:47:56,458 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=173, Invalid=1989, Unknown=0, NotChecked=0, Total=2162 [2024-11-09 04:47:56,458 INFO L87 Difference]: Start difference. First operand 267 states and 339 transitions. Second operand has 30 states, 25 states have (on average 2.0) internal successors, (50), 27 states have internal predecessors, (50), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 04:48:01,122 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:48:01,123 INFO L93 Difference]: Finished difference Result 387 states and 488 transitions. [2024-11-09 04:48:01,123 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2024-11-09 04:48:01,123 INFO L78 Accepts]: Start accepts. Automaton has has 30 states, 25 states have (on average 2.0) internal successors, (50), 27 states have internal predecessors, (50), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) Word has length 66 [2024-11-09 04:48:01,123 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:48:01,125 INFO L225 Difference]: With dead ends: 387 [2024-11-09 04:48:01,125 INFO L226 Difference]: Without dead ends: 375 [2024-11-09 04:48:01,126 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 236 GetRequests, 161 SyntacticMatches, 6 SemanticMatches, 69 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1166 ImplicationChecksByTransitivity, 6.1s TimeCoverageRelationStatistics Valid=619, Invalid=4351, Unknown=0, NotChecked=0, Total=4970 [2024-11-09 04:48:01,127 INFO L432 NwaCegarLoop]: 94 mSDtfsCounter, 366 mSDsluCounter, 869 mSDsCounter, 0 mSdLazyCounter, 2874 mSolverCounterSat, 78 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 366 SdHoareTripleChecker+Valid, 963 SdHoareTripleChecker+Invalid, 2952 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 78 IncrementalHoareTripleChecker+Valid, 2874 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.4s IncrementalHoareTripleChecker+Time [2024-11-09 04:48:01,127 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [366 Valid, 963 Invalid, 2952 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [78 Valid, 2874 Invalid, 0 Unknown, 0 Unchecked, 2.4s Time] [2024-11-09 04:48:01,128 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 375 states. [2024-11-09 04:48:01,140 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 375 to 283. [2024-11-09 04:48:01,141 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 283 states, 178 states have (on average 1.7134831460674158) internal successors, (305), 258 states have internal predecessors, (305), 19 states have call successors, (19), 5 states have call predecessors, (19), 7 states have return successors, (27), 19 states have call predecessors, (27), 18 states have call successors, (27) [2024-11-09 04:48:01,143 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 283 states to 283 states and 351 transitions. [2024-11-09 04:48:01,143 INFO L78 Accepts]: Start accepts. Automaton has 283 states and 351 transitions. Word has length 66 [2024-11-09 04:48:01,144 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:48:01,144 INFO L471 AbstractCegarLoop]: Abstraction has 283 states and 351 transitions. [2024-11-09 04:48:01,144 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 30 states, 25 states have (on average 2.0) internal successors, (50), 27 states have internal predecessors, (50), 2 states have call successors, (7), 2 states have call predecessors, (7), 5 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 04:48:01,144 INFO L276 IsEmpty]: Start isEmpty. Operand 283 states and 351 transitions. [2024-11-09 04:48:01,145 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 87 [2024-11-09 04:48:01,145 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:48:01,145 INFO L215 NwaCegarLoop]: trace histogram [37, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:48:01,165 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (12)] Forceful destruction successful, exit code 0 [2024-11-09 04:48:01,346 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 12 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2024-11-09 04:48:01,346 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:48:01,346 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:48:01,347 INFO L85 PathProgramCache]: Analyzing trace with hash 2100850932, now seen corresponding path program 6 times [2024-11-09 04:48:01,347 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:48:01,347 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [82258037] [2024-11-09 04:48:01,347 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:48:01,347 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:48:01,478 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:48:03,647 INFO L134 CoverageAnalysis]: Checked inductivity of 963 backedges. 485 proven. 108 refuted. 0 times theorem prover too weak. 370 trivial. 0 not checked. [2024-11-09 04:48:03,647 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:48:03,648 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [82258037] [2024-11-09 04:48:03,648 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [82258037] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:48:03,648 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1185408946] [2024-11-09 04:48:03,648 INFO L93 rtionOrderModulation]: Changing assertion order to TERMS_WITH_SMALL_CONSTANTS_FIRST [2024-11-09 04:48:03,648 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:48:03,648 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:48:03,649 INFO L229 MonitoredProcess]: Starting monitored process 13 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:48:03,650 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (13)] Waiting until timeout for monitored process [2024-11-09 04:48:04,708 INFO L227 tOrderPrioritization]: Assert order TERMS_WITH_SMALL_CONSTANTS_FIRST issued 0 check-sat command(s) [2024-11-09 04:48:04,708 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-09 04:48:04,715 INFO L255 TraceCheckSpWp]: Trace formula consists of 1046 conjuncts, 88 conjuncts are in the unsatisfiable core [2024-11-09 04:48:04,719 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:48:04,838 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 04:48:04,848 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2024-11-09 04:48:06,243 INFO L349 Elim1Store]: treesize reduction 13, result has 40.9 percent of original size [2024-11-09 04:48:06,244 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 14 treesize of output 13 [2024-11-09 04:48:06,264 INFO L349 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2024-11-09 04:48:06,265 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 16 [2024-11-09 04:48:06,496 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 04:48:06,497 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 9 [2024-11-09 04:48:06,505 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 04:48:06,505 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 04:48:06,554 INFO L134 CoverageAnalysis]: Checked inductivity of 963 backedges. 365 proven. 417 refuted. 0 times theorem prover too weak. 181 trivial. 0 not checked. [2024-11-09 04:48:06,554 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:48:06,764 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1185408946] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:48:06,764 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [303624333] [2024-11-09 04:48:06,766 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 04:48:06,766 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:48:06,767 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:48:06,767 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:48:06,767 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:48:07,320 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:48:07,439 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:48:25,773 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '10613#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (exists ((|v_#memory_int_288| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_288| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_288| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_161| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_330| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_183| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_191| Int)) (and (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_191| 0) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_330|) (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_161| 0) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_183| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_330| 4294967296)) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0))) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (exists ((|v_#memory_$Pointer$.base_330| (Array Int (Array Int Int)))) (= (store |v_#memory_$Pointer$.base_330| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_330| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))) |#memory_$Pointer$.base|)) (exists ((|v_#memory_$Pointer$.offset_330| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_330| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_330| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))))' at error location [2024-11-09 04:48:25,774 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:48:25,774 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 04:48:25,774 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [17, 24] total 39 [2024-11-09 04:48:25,774 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [916974988] [2024-11-09 04:48:25,774 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 04:48:25,775 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 39 states [2024-11-09 04:48:25,775 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:48:25,775 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 39 interpolants. [2024-11-09 04:48:25,777 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=178, Invalid=3127, Unknown=1, NotChecked=0, Total=3306 [2024-11-09 04:48:25,777 INFO L87 Difference]: Start difference. First operand 283 states and 351 transitions. Second operand has 39 states, 32 states have (on average 1.96875) internal successors, (63), 34 states have internal predecessors, (63), 3 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-09 04:48:32,891 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:48:32,891 INFO L93 Difference]: Finished difference Result 419 states and 528 transitions. [2024-11-09 04:48:32,891 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 24 states. [2024-11-09 04:48:32,892 INFO L78 Accepts]: Start accepts. Automaton has has 39 states, 32 states have (on average 1.96875) internal successors, (63), 34 states have internal predecessors, (63), 3 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 3 states have call successors, (9) Word has length 86 [2024-11-09 04:48:32,892 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:48:32,895 INFO L225 Difference]: With dead ends: 419 [2024-11-09 04:48:32,896 INFO L226 Difference]: Without dead ends: 411 [2024-11-09 04:48:32,898 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 206 GetRequests, 130 SyntacticMatches, 6 SemanticMatches, 70 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1438 ImplicationChecksByTransitivity, 22.1s TimeCoverageRelationStatistics Valid=330, Invalid=4781, Unknown=1, NotChecked=0, Total=5112 [2024-11-09 04:48:32,899 INFO L432 NwaCegarLoop]: 91 mSDtfsCounter, 238 mSDsluCounter, 1031 mSDsCounter, 0 mSdLazyCounter, 4695 mSolverCounterSat, 23 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 4.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 238 SdHoareTripleChecker+Valid, 1122 SdHoareTripleChecker+Invalid, 4718 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 23 IncrementalHoareTripleChecker+Valid, 4695 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 5.2s IncrementalHoareTripleChecker+Time [2024-11-09 04:48:32,899 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [238 Valid, 1122 Invalid, 4718 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [23 Valid, 4695 Invalid, 0 Unknown, 0 Unchecked, 5.2s Time] [2024-11-09 04:48:32,900 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 411 states. [2024-11-09 04:48:32,911 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 411 to 309. [2024-11-09 04:48:32,912 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 309 states, 198 states have (on average 1.6717171717171717) internal successors, (331), 278 states have internal predecessors, (331), 23 states have call successors, (23), 5 states have call predecessors, (23), 9 states have return successors, (42), 25 states have call predecessors, (42), 22 states have call successors, (42) [2024-11-09 04:48:32,915 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 309 states to 309 states and 396 transitions. [2024-11-09 04:48:32,915 INFO L78 Accepts]: Start accepts. Automaton has 309 states and 396 transitions. Word has length 86 [2024-11-09 04:48:32,916 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:48:32,916 INFO L471 AbstractCegarLoop]: Abstraction has 309 states and 396 transitions. [2024-11-09 04:48:32,916 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 39 states, 32 states have (on average 1.96875) internal successors, (63), 34 states have internal predecessors, (63), 3 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-09 04:48:32,917 INFO L276 IsEmpty]: Start isEmpty. Operand 309 states and 396 transitions. [2024-11-09 04:48:32,918 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 89 [2024-11-09 04:48:32,918 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:48:32,918 INFO L215 NwaCegarLoop]: trace histogram [39, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:48:32,952 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (13)] Ended with exit code 0 [2024-11-09 04:48:33,119 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13,13 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:48:33,119 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:48:33,120 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:48:33,120 INFO L85 PathProgramCache]: Analyzing trace with hash 1678861016, now seen corresponding path program 7 times [2024-11-09 04:48:33,120 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:48:33,120 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1519267514] [2024-11-09 04:48:33,120 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:48:33,120 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:48:33,318 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:48:36,257 INFO L134 CoverageAnalysis]: Checked inductivity of 1050 backedges. 529 proven. 127 refuted. 0 times theorem prover too weak. 394 trivial. 0 not checked. [2024-11-09 04:48:36,258 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:48:36,258 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1519267514] [2024-11-09 04:48:36,258 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1519267514] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:48:36,258 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [45750250] [2024-11-09 04:48:36,258 INFO L93 rtionOrderModulation]: Changing assertion order to NOT_INCREMENTALLY [2024-11-09 04:48:36,258 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:48:36,259 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:48:36,263 INFO L229 MonitoredProcess]: Starting monitored process 14 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:48:36,269 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (14)] Waiting until timeout for monitored process [2024-11-09 04:48:37,949 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:48:37,957 INFO L255 TraceCheckSpWp]: Trace formula consists of 1076 conjuncts, 132 conjuncts are in the unsatisfiable core [2024-11-09 04:48:37,963 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:48:38,197 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 04:48:45,748 INFO L349 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2024-11-09 04:48:45,749 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 16 [2024-11-09 04:48:45,758 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 9 [2024-11-09 04:48:45,906 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 04:48:46,884 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 04:48:46,885 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 14 treesize of output 9 [2024-11-09 04:48:46,899 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 04:48:46,900 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 04:48:46,973 INFO L134 CoverageAnalysis]: Checked inductivity of 1050 backedges. 302 proven. 556 refuted. 0 times theorem prover too weak. 54 trivial. 138 not checked. [2024-11-09 04:48:46,974 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:48:47,324 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [45750250] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:48:47,325 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [262417013] [2024-11-09 04:48:47,327 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 04:48:47,327 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:48:47,327 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:48:47,328 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:48:47,328 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:48:48,160 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:48:48,354 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:49:20,360 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '11717#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (<= (+ 8 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (exists ((|v_#memory_$Pointer$.offset_351| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_351| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_351| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0)) (exists ((|v_#memory_int_309| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_309| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_309| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))))) (<= 0 (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) (exists ((|v_#memory_$Pointer$.base_351| (Array Int (Array Int Int)))) (= (store |v_#memory_$Pointer$.base_351| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_351| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|) (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)))) |#memory_$Pointer$.base|)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#value#1_201| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_170| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_195| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_387| Int)) (and (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_170| 0) (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_195| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_387| 4294967296)) (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_201| 0) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_387|) (= (select (select |#memory_$Pointer$.offset| |ULTIMATE.start_l4_insert_~item~0#1.base|) (+ 4 |ULTIMATE.start_l4_insert_~item~0#1.offset|)) 0))))' at error location [2024-11-09 04:49:20,360 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:49:20,360 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 04:49:20,360 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 42] total 58 [2024-11-09 04:49:20,360 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [530376079] [2024-11-09 04:49:20,361 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 04:49:20,361 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 58 states [2024-11-09 04:49:20,361 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:49:20,363 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 58 interpolants. [2024-11-09 04:49:20,364 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=257, Invalid=5444, Unknown=3, NotChecked=148, Total=5852 [2024-11-09 04:49:20,365 INFO L87 Difference]: Start difference. First operand 309 states and 396 transitions. Second operand has 58 states, 52 states have (on average 1.5576923076923077) internal successors, (81), 53 states have internal predecessors, (81), 3 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-09 04:49:22,435 WARN L539 Checker$ProtectedHtc]: IncrementalHoareTripleChecker took 2.00s for a HTC check with result UNKNOWN. Formula has sorts [Array, Bool, Int], hasArrays=true, hasNonlinArith=true, quantifiers [0] [2024-11-09 04:49:33,463 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:49:33,464 INFO L93 Difference]: Finished difference Result 451 states and 582 transitions. [2024-11-09 04:49:33,464 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2024-11-09 04:49:33,465 INFO L78 Accepts]: Start accepts. Automaton has has 58 states, 52 states have (on average 1.5576923076923077) internal successors, (81), 53 states have internal predecessors, (81), 3 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 3 states have call successors, (9) Word has length 88 [2024-11-09 04:49:33,465 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:49:33,467 INFO L225 Difference]: With dead ends: 451 [2024-11-09 04:49:33,467 INFO L226 Difference]: Without dead ends: 439 [2024-11-09 04:49:33,469 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 214 GetRequests, 117 SyntacticMatches, 7 SemanticMatches, 90 ConstructedPredicates, 1 IntricatePredicates, 0 DeprecatedPredicates, 2741 ImplicationChecksByTransitivity, 44.4s TimeCoverageRelationStatistics Valid=430, Invalid=7761, Unknown=3, NotChecked=178, Total=8372 [2024-11-09 04:49:33,470 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 251 mSDsluCounter, 1665 mSDsCounter, 0 mSdLazyCounter, 6986 mSolverCounterSat, 25 mSolverCounterUnsat, 1 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 8.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 251 SdHoareTripleChecker+Valid, 1773 SdHoareTripleChecker+Invalid, 7392 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 25 IncrementalHoareTripleChecker+Valid, 6986 IncrementalHoareTripleChecker+Invalid, 1 IncrementalHoareTripleChecker+Unknown, 380 IncrementalHoareTripleChecker+Unchecked, 9.7s IncrementalHoareTripleChecker+Time [2024-11-09 04:49:33,470 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [251 Valid, 1773 Invalid, 7392 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [25 Valid, 6986 Invalid, 1 Unknown, 380 Unchecked, 9.7s Time] [2024-11-09 04:49:33,472 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 439 states. [2024-11-09 04:49:33,485 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 439 to 311. [2024-11-09 04:49:33,486 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 311 states, 200 states have (on average 1.675) internal successors, (335), 280 states have internal predecessors, (335), 23 states have call successors, (23), 5 states have call predecessors, (23), 9 states have return successors, (42), 25 states have call predecessors, (42), 22 states have call successors, (42) [2024-11-09 04:49:33,489 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 311 states to 311 states and 400 transitions. [2024-11-09 04:49:33,489 INFO L78 Accepts]: Start accepts. Automaton has 311 states and 400 transitions. Word has length 88 [2024-11-09 04:49:33,490 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:49:33,490 INFO L471 AbstractCegarLoop]: Abstraction has 311 states and 400 transitions. [2024-11-09 04:49:33,490 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 58 states, 52 states have (on average 1.5576923076923077) internal successors, (81), 53 states have internal predecessors, (81), 3 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-09 04:49:33,490 INFO L276 IsEmpty]: Start isEmpty. Operand 311 states and 400 transitions. [2024-11-09 04:49:33,491 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 91 [2024-11-09 04:49:33,492 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:49:33,492 INFO L215 NwaCegarLoop]: trace histogram [41, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:49:33,539 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (14)] Ended with exit code 0 [2024-11-09 04:49:33,692 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 14 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable14 [2024-11-09 04:49:33,693 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting ULTIMATE.startErr3REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:49:33,693 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:49:33,693 INFO L85 PathProgramCache]: Analyzing trace with hash -1545811020, now seen corresponding path program 8 times [2024-11-09 04:49:33,693 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:49:33,693 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1430192734] [2024-11-09 04:49:33,694 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:49:33,694 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:49:33,933 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:49:37,278 INFO L134 CoverageAnalysis]: Checked inductivity of 1141 backedges. 557 proven. 313 refuted. 0 times theorem prover too weak. 271 trivial. 0 not checked. [2024-11-09 04:49:37,278 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:49:37,279 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1430192734] [2024-11-09 04:49:37,279 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1430192734] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:49:37,279 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1474763120] [2024-11-09 04:49:37,279 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2024-11-09 04:49:37,279 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:49:37,280 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:49:37,282 INFO L229 MonitoredProcess]: Starting monitored process 15 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:49:37,286 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (15)] Waiting until timeout for monitored process [2024-11-09 04:49:40,492 INFO L227 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 4 check-sat command(s) [2024-11-09 04:49:40,492 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-09 04:49:40,497 INFO L255 TraceCheckSpWp]: Trace formula consists of 519 conjuncts, 71 conjuncts are in the unsatisfiable core [2024-11-09 04:49:40,502 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:49:40,527 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 10 treesize of output 9 [2024-11-09 04:49:40,555 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 6 treesize of output 5 [2024-11-09 04:49:41,686 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= |c_#valid| (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 04:49:41,800 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 04:49:41,801 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 25 treesize of output 18 [2024-11-09 04:49:41,841 INFO L349 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2024-11-09 04:49:41,842 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 16 [2024-11-09 04:49:41,910 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= (store |c_old(#length)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#length| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|)) |c_#length|) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 04:49:42,089 INFO L190 IndexEqualityManager]: detected not equals via solver [2024-11-09 04:49:42,091 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 1 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 25 treesize of output 18 [2024-11-09 04:49:42,102 INFO L349 Elim1Store]: treesize reduction 4, result has 50.0 percent of original size [2024-11-09 04:49:42,103 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 1 case distinctions, treesize of input 11 treesize of output 11 [2024-11-09 04:49:42,223 INFO L134 CoverageAnalysis]: Checked inductivity of 1141 backedges. 557 proven. 8 refuted. 0 times theorem prover too weak. 288 trivial. 288 not checked. [2024-11-09 04:49:42,224 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:49:42,470 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1474763120] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:49:42,470 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1930294497] [2024-11-09 04:49:42,472 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2024-11-09 04:49:42,473 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:49:42,473 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:49:42,473 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:49:42,473 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:49:44,302 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:49:44,547 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:49:54,643 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '12838#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (exists ((|v_#memory_$Pointer$.offset_372| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.offset| (store |v_#memory_$Pointer$.offset_372| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.offset_372| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 0)))) (= |ULTIMATE.start_l4_insert_~item~0#1.offset| 0) (exists ((|v_ULTIMATE.start_l4_insert_~list#1.base_22| Int)) (and (or (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_328| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_328| 3) 0) 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_204| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_413| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_204| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_413| 4294967296)) (or (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_413| 0) (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_413|)))) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_328| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_328| 3) 0) 0)) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)) (exists ((|v_old(#memory_int)_AFTER_CALL_208| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_208| 1) 1) 0) (= (select (select |v_old(#memory_int)_AFTER_CALL_208| 1) 0) 48))) (exists ((|v_#length_BEFORE_CALL_348| (Array Int Int))) (and (= (select |v_#length_BEFORE_CALL_348| 3) 4) (= 2 (select |v_#length_BEFORE_CALL_348| 1)) (= (select |v_#length_BEFORE_CALL_348| 2) 14)))) (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_204| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_413| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_204| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_413| 4294967296)) (or (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_413| 0) (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_413|)))) (not (= |ULTIMATE.start_l4_insert_~item~0#1.base| 0)) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (= |ULTIMATE.start_l3_insert_~list#1.base| |ULTIMATE.start_l2_insert_~item~2#1.base|) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_330| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_330| 3) 0) 0)) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_#length_BEFORE_CALL_350| (Array Int Int))) (and (= (select |v_#length_BEFORE_CALL_350| 1) 2) (= 14 (select |v_#length_BEFORE_CALL_350| 2)) (= (select |v_#length_BEFORE_CALL_350| 3) 4))) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) (not (= (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4) 0)) (exists ((|v_old(#memory_int)_AFTER_CALL_209| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_209| 1) 0) 48) (= (select (select |v_old(#memory_int)_AFTER_CALL_209| 1) 1) 0))) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_330| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_330| 3) 0) 0)))) (<= (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_22|) 3))) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= (select |#valid| |ULTIMATE.start_l4_insert_~item~0#1.base|) 1) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (<= 8 (select |#length| |ULTIMATE.start_l4_insert_~item~0#1.base|)) (= |ULTIMATE.start_l3_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (exists ((|v_#memory_$Pointer$.base_372| (Array Int (Array Int Int)))) (= |#memory_$Pointer$.base| (store |v_#memory_$Pointer$.base_372| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_$Pointer$.base_372| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_$Pointer$.base| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (exists ((|v_#memory_int_330| (Array Int (Array Int Int)))) (= |#memory_int| (store |v_#memory_int_330| |ULTIMATE.start_l4_insert_~item~0#1.base| (store (select |v_#memory_int_330| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4 (select (select |#memory_int| |ULTIMATE.start_l4_insert_~item~0#1.base|) 4))))) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0))' at error location [2024-11-09 04:49:54,643 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:49:54,643 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 04:49:54,644 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [20, 12] total 30 [2024-11-09 04:49:54,644 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [552350789] [2024-11-09 04:49:54,644 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 04:49:54,645 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 31 states [2024-11-09 04:49:54,645 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:49:54,645 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2024-11-09 04:49:54,646 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=226, Invalid=2642, Unknown=2, NotChecked=210, Total=3080 [2024-11-09 04:49:54,647 INFO L87 Difference]: Start difference. First operand 311 states and 400 transitions. Second operand has 31 states, 26 states have (on average 2.3076923076923075) internal successors, (60), 28 states have internal predecessors, (60), 3 states have call successors, (8), 2 states have call predecessors, (8), 7 states have return successors, (9), 7 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-09 04:50:02,588 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:50:02,588 INFO L93 Difference]: Finished difference Result 400 states and 505 transitions. [2024-11-09 04:50:02,589 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2024-11-09 04:50:02,589 INFO L78 Accepts]: Start accepts. Automaton has has 31 states, 26 states have (on average 2.3076923076923075) internal successors, (60), 28 states have internal predecessors, (60), 3 states have call successors, (8), 2 states have call predecessors, (8), 7 states have return successors, (9), 7 states have call predecessors, (9), 3 states have call successors, (9) Word has length 90 [2024-11-09 04:50:02,590 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:50:02,592 INFO L225 Difference]: With dead ends: 400 [2024-11-09 04:50:02,592 INFO L226 Difference]: Without dead ends: 399 [2024-11-09 04:50:02,593 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 217 GetRequests, 144 SyntacticMatches, 7 SemanticMatches, 66 ConstructedPredicates, 2 IntricatePredicates, 0 DeprecatedPredicates, 1192 ImplicationChecksByTransitivity, 15.0s TimeCoverageRelationStatistics Valid=347, Invalid=3949, Unknown=2, NotChecked=258, Total=4556 [2024-11-09 04:50:02,594 INFO L432 NwaCegarLoop]: 84 mSDtfsCounter, 258 mSDsluCounter, 563 mSDsCounter, 0 mSdLazyCounter, 3653 mSolverCounterSat, 23 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 4.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 258 SdHoareTripleChecker+Valid, 647 SdHoareTripleChecker+Invalid, 4349 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 23 IncrementalHoareTripleChecker+Valid, 3653 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 673 IncrementalHoareTripleChecker+Unchecked, 4.6s IncrementalHoareTripleChecker+Time [2024-11-09 04:50:02,594 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [258 Valid, 647 Invalid, 4349 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [23 Valid, 3653 Invalid, 0 Unknown, 673 Unchecked, 4.6s Time] [2024-11-09 04:50:02,595 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 399 states. [2024-11-09 04:50:02,612 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 399 to 307. [2024-11-09 04:50:02,613 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 307 states, 199 states have (on average 1.64321608040201) internal successors, (327), 276 states have internal predecessors, (327), 23 states have call successors, (23), 5 states have call predecessors, (23), 9 states have return successors, (42), 25 states have call predecessors, (42), 22 states have call successors, (42) [2024-11-09 04:50:02,615 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 307 states to 307 states and 392 transitions. [2024-11-09 04:50:02,620 INFO L78 Accepts]: Start accepts. Automaton has 307 states and 392 transitions. Word has length 90 [2024-11-09 04:50:02,620 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:50:02,620 INFO L471 AbstractCegarLoop]: Abstraction has 307 states and 392 transitions. [2024-11-09 04:50:02,620 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 31 states, 26 states have (on average 2.3076923076923075) internal successors, (60), 28 states have internal predecessors, (60), 3 states have call successors, (8), 2 states have call predecessors, (8), 7 states have return successors, (9), 7 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-09 04:50:02,620 INFO L276 IsEmpty]: Start isEmpty. Operand 307 states and 392 transitions. [2024-11-09 04:50:02,622 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 93 [2024-11-09 04:50:02,622 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:50:02,622 INFO L215 NwaCegarLoop]: trace histogram [39, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:50:02,683 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (15)] Forceful destruction successful, exit code 0 [2024-11-09 04:50:02,823 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 15 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable15 [2024-11-09 04:50:02,823 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting ULTIMATE.startErr8REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:50:02,824 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:50:02,824 INFO L85 PathProgramCache]: Analyzing trace with hash -1582945124, now seen corresponding path program 1 times [2024-11-09 04:50:02,825 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:50:02,825 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1411943536] [2024-11-09 04:50:02,825 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:50:02,825 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:50:03,007 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:50:04,619 INFO L134 CoverageAnalysis]: Checked inductivity of 1050 backedges. 687 proven. 99 refuted. 0 times theorem prover too weak. 264 trivial. 0 not checked. [2024-11-09 04:50:04,620 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:50:04,620 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1411943536] [2024-11-09 04:50:04,620 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1411943536] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:50:04,620 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [210822160] [2024-11-09 04:50:04,620 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:50:04,620 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:50:04,620 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:50:04,622 INFO L229 MonitoredProcess]: Starting monitored process 16 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:50:04,623 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (16)] Waiting until timeout for monitored process [2024-11-09 04:50:05,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:50:05,241 INFO L255 TraceCheckSpWp]: Trace formula consists of 1120 conjuncts, 36 conjuncts are in the unsatisfiable core [2024-11-09 04:50:05,244 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:50:05,327 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (and (= |c_#valid| (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| (select |c_#valid| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|))) (= (select |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base|) 0))) is different from true [2024-11-09 04:50:05,400 INFO L349 Elim1Store]: treesize reduction 20, result has 33.3 percent of original size [2024-11-09 04:50:05,401 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 2 select indices, 2 select index equivalence classes, 0 disjoint index pairs (out of 1 index pairs), introduced 2 new quantified variables, introduced 2 case distinctions, treesize of input 19 treesize of output 16 [2024-11-09 04:50:05,443 WARN L873 $PredicateComparison]: unable to prove that (exists ((|zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| Int)) (= (store |c_old(#valid)| |zalloc_or_die_#Ultimate.C_memset_#ptr#1.base| 1) |c_#valid|)) is different from true [2024-11-09 04:50:05,481 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2024-11-09 04:50:05,481 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2024-11-09 04:50:05,560 INFO L349 Elim1Store]: treesize reduction 15, result has 25.0 percent of original size [2024-11-09 04:50:05,560 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 1 case distinctions, treesize of input 12 treesize of output 14 [2024-11-09 04:50:05,586 INFO L134 CoverageAnalysis]: Checked inductivity of 1050 backedges. 429 proven. 2 refuted. 0 times theorem prover too weak. 318 trivial. 301 not checked. [2024-11-09 04:50:05,586 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:50:06,249 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [210822160] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:50:06,250 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [945597601] [2024-11-09 04:50:06,251 INFO L159 IcfgInterpreter]: Started Sifa with 29 locations of interest [2024-11-09 04:50:06,252 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:50:06,252 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:50:06,252 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:50:06,253 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:50:07,218 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:50:07,384 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:50:18,577 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '14012#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (exists ((|v_ULTIMATE.start_l3_insert_~list#1.base_14| Int)) (not (= (select |#valid| |v_ULTIMATE.start_l3_insert_~list#1.base_14|) 1))) (exists ((|v_#memory_$Pointer$.offset_434| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l4_insert_~list#1.offset_21| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_192| Int) (|v_ULTIMATE.start_l4_insert_~list#1.base_24| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#value#1_229| Int) (|v_#memory_int_391| (Array Int (Array Int Int))) (|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_217| Int) (|v_#memory_$Pointer$.base_434| (Array Int (Array Int Int))) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_474| Int) (|v_#memory_$Pointer$.base_433| (Array Int (Array Int Int))) (|v_#memory_int_393| (Array Int (Array Int Int))) (|v_#memory_int_392| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.offset_433| (Array Int (Array Int Int)))) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_217| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_474| 4294967296)) (<= 0 |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (= (store |v_#memory_$Pointer$.base_433| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.base_433| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4) (select (select |v_#memory_$Pointer$.base_434| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4)))) |v_#memory_$Pointer$.base_434|) (<= 0 (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (= (select |#valid| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) 1) (= (store (store |v_#memory_$Pointer$.base_434| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.base_434| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select (select |v_#memory_$Pointer$.base_434| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24| (store (select (store |v_#memory_$Pointer$.base_434| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.base_434| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select (select |v_#memory_$Pointer$.base_434| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) |#memory_$Pointer$.base|) (= (store |v_#memory_$Pointer$.offset_433| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.offset_433| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4) 0)) |v_#memory_$Pointer$.offset_434|) (<= (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 8) (select |#length| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) (<= (+ 4 |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_24|)) (= |#memory_$Pointer$.offset| (store (store |v_#memory_$Pointer$.offset_434| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.offset_434| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select (select |v_#memory_$Pointer$.offset_434| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24| (store (select (store |v_#memory_$Pointer$.offset_434| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_$Pointer$.offset_434| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select (select |v_#memory_$Pointer$.offset_434| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|))) |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21| (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)))) (= (store |v_#memory_int_391| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_int_391| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4) (select (select |v_#memory_int_392| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4)))) |v_#memory_int_392|) (= |v_zalloc_or_die_#Ultimate.C_memset_#value#1_229| 0) (= |v_zalloc_or_die_#Ultimate.C_memset_#res#1.offset_192| 0) (not (= (select (select |v_#memory_$Pointer$.base_434| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (+ (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) 4)) 0)) (= (select |#valid| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) 1) (= |#memory_int| (store |v_#memory_int_393| |v_ULTIMATE.start_l4_insert_~list#1.base_24| (store (select |v_#memory_int_393| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21| (select (select |#memory_int| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)))) (<= 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_474|) (= (store |v_#memory_int_392| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (store (select |v_#memory_int_392| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|) (select (select |v_#memory_int_393| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)) (select (select |#memory_$Pointer$.offset| |v_ULTIMATE.start_l4_insert_~list#1.base_24|) |v_ULTIMATE.start_l4_insert_~list#1.offset_21|)))) |v_#memory_int_393|))))' at error location [2024-11-09 04:50:18,577 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:50:18,577 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 04:50:18,578 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 11] total 20 [2024-11-09 04:50:18,578 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1584760164] [2024-11-09 04:50:18,578 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 04:50:18,579 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 21 states [2024-11-09 04:50:18,579 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:50:18,580 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2024-11-09 04:50:18,580 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=144, Invalid=1750, Unknown=6, NotChecked=170, Total=2070 [2024-11-09 04:50:18,581 INFO L87 Difference]: Start difference. First operand 307 states and 392 transitions. Second operand has 21 states, 17 states have (on average 3.176470588235294) internal successors, (54), 17 states have internal predecessors, (54), 4 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 4 states have call successors, (9) [2024-11-09 04:50:20,007 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:50:20,008 INFO L93 Difference]: Finished difference Result 396 states and 497 transitions. [2024-11-09 04:50:20,009 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-09 04:50:20,009 INFO L78 Accepts]: Start accepts. Automaton has has 21 states, 17 states have (on average 3.176470588235294) internal successors, (54), 17 states have internal predecessors, (54), 4 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 4 states have call successors, (9) Word has length 92 [2024-11-09 04:50:20,010 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:50:20,012 INFO L225 Difference]: With dead ends: 396 [2024-11-09 04:50:20,012 INFO L226 Difference]: Without dead ends: 396 [2024-11-09 04:50:20,012 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 252 GetRequests, 191 SyntacticMatches, 14 SemanticMatches, 47 ConstructedPredicates, 2 IntricatePredicates, 0 DeprecatedPredicates, 692 ImplicationChecksByTransitivity, 12.0s TimeCoverageRelationStatistics Valid=171, Invalid=1993, Unknown=6, NotChecked=182, Total=2352 [2024-11-09 04:50:20,013 INFO L432 NwaCegarLoop]: 157 mSDtfsCounter, 552 mSDsluCounter, 1562 mSDsCounter, 0 mSdLazyCounter, 1209 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 552 SdHoareTripleChecker+Valid, 1719 SdHoareTripleChecker+Invalid, 1928 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 1209 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 657 IncrementalHoareTripleChecker+Unchecked, 1.2s IncrementalHoareTripleChecker+Time [2024-11-09 04:50:20,014 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [552 Valid, 1719 Invalid, 1928 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 1209 Invalid, 0 Unknown, 657 Unchecked, 1.2s Time] [2024-11-09 04:50:20,016 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 396 states. [2024-11-09 04:50:20,034 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 396 to 304. [2024-11-09 04:50:20,037 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 304 states, 199 states have (on average 1.6080402010050252) internal successors, (320), 273 states have internal predecessors, (320), 23 states have call successors, (23), 5 states have call predecessors, (23), 9 states have return successors, (42), 25 states have call predecessors, (42), 22 states have call successors, (42) [2024-11-09 04:50:20,040 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 304 states to 304 states and 385 transitions. [2024-11-09 04:50:20,040 INFO L78 Accepts]: Start accepts. Automaton has 304 states and 385 transitions. Word has length 92 [2024-11-09 04:50:20,041 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:50:20,041 INFO L471 AbstractCegarLoop]: Abstraction has 304 states and 385 transitions. [2024-11-09 04:50:20,041 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 21 states, 17 states have (on average 3.176470588235294) internal successors, (54), 17 states have internal predecessors, (54), 4 states have call successors, (8), 2 states have call predecessors, (8), 6 states have return successors, (9), 6 states have call predecessors, (9), 4 states have call successors, (9) [2024-11-09 04:50:20,041 INFO L276 IsEmpty]: Start isEmpty. Operand 304 states and 385 transitions. [2024-11-09 04:50:20,042 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 93 [2024-11-09 04:50:20,042 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:50:20,043 INFO L215 NwaCegarLoop]: trace histogram [39, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:50:20,070 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (16)] Ended with exit code 0 [2024-11-09 04:50:20,246 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 16 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable16 [2024-11-09 04:50:20,247 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting ULTIMATE.startErr9REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:50:20,247 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:50:20,247 INFO L85 PathProgramCache]: Analyzing trace with hash -1582945123, now seen corresponding path program 1 times [2024-11-09 04:50:20,248 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:50:20,248 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [873776644] [2024-11-09 04:50:20,248 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:50:20,248 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:50:20,609 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unknown [2024-11-09 04:50:20,617 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleZ3 [1878190208] [2024-11-09 04:50:20,617 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:50:20,617 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:50:20,617 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:50:20,619 INFO L229 MonitoredProcess]: Starting monitored process 17 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:50:20,622 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (17)] Waiting until timeout for monitored process [2024-11-09 04:50:21,818 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:50:21,825 INFO L255 TraceCheckSpWp]: Trace formula consists of 1120 conjuncts, 90 conjuncts are in the unsatisfiable core [2024-11-09 04:50:21,830 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 04:50:21,880 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 1 stores, 0 select indices, 0 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 0 new quantified variables, introduced 0 case distinctions, treesize of input 8 treesize of output 1 [2024-11-09 04:50:21,920 INFO L378 Elim1Store]: Elim1 eliminated variable of array dimension 1, 0 stores, 1 select indices, 1 select index equivalence classes, 0 disjoint index pairs (out of 0 index pairs), introduced 1 new quantified variables, introduced 0 case distinctions, treesize of input 13 treesize of output 9 [2024-11-09 04:50:22,136 INFO L134 CoverageAnalysis]: Checked inductivity of 1050 backedges. 628 proven. 115 refuted. 0 times theorem prover too weak. 307 trivial. 0 not checked. [2024-11-09 04:50:22,136 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 04:50:22,784 INFO L134 CoverageAnalysis]: Checked inductivity of 1050 backedges. 117 proven. 147 refuted. 0 times theorem prover too weak. 786 trivial. 0 not checked. [2024-11-09 04:50:22,785 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:50:22,785 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [873776644] [2024-11-09 04:50:22,785 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: SMT_SOLVER_CANNOT_INTERPOLATE_INPUT [2024-11-09 04:50:22,785 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1878190208] [2024-11-09 04:50:22,785 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1878190208] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 04:50:22,785 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2014838474] [2024-11-09 04:50:22,787 INFO L159 IcfgInterpreter]: Started Sifa with 29 locations of interest [2024-11-09 04:50:22,788 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 04:50:22,788 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 04:50:22,788 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 04:50:22,788 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 04:50:24,950 INFO L197 IcfgInterpreter]: Interpreting procedure zalloc_or_die with input of size 65 for LOIs [2024-11-09 04:50:25,106 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 04:50:49,687 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '15310#(and (<= 1 |#StackHeapBarrier|) (= |~#list~0.offset| 0) (exists ((|v_#memory_$Pointer$.base_505| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.offset_504| (Array Int (Array Int Int))) (|v_#memory_$Pointer$.base_504| (Array Int (Array Int Int))) (|v_ULTIMATE.start_l3_insert_~list#1.base_15| Int) (|v_ULTIMATE.start_l4_insert_~list#1.base_26| Int) (|v_#memory_int_463| (Array Int (Array Int Int))) (|v_#memory_int_462| (Array Int (Array Int Int))) (|v_#memory_int_464| (Array Int (Array Int Int)))) (and (= (store |v_#memory_int_462| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0) (store (select |v_#memory_int_462| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 4 (select (select |v_#memory_int_463| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 4))) |v_#memory_int_463|) (= |#memory_$Pointer$.base| (store (store |v_#memory_$Pointer$.base_505| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0) (store (select |v_#memory_$Pointer$.base_505| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 0 (select (select |v_#memory_$Pointer$.base_505| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_26| (store (select (store |v_#memory_$Pointer$.base_505| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0) (store (select |v_#memory_$Pointer$.base_505| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 0 (select (select |v_#memory_$Pointer$.base_505| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0 (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)))) (= (select |#valid| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 1) (<= (select |#length| |v_ULTIMATE.start_l3_insert_~list#1.base_15|) 7) (= (store |v_#memory_int_463| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0) (store (select |v_#memory_int_463| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 0 (select (select |v_#memory_int_464| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 0))) |v_#memory_int_464|) (or (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (exists ((|v_#length_BEFORE_CALL_410| (Array Int Int))) (and (= 14 (select |v_#length_BEFORE_CALL_410| 2)) (= (select |v_#length_BEFORE_CALL_410| 3) 4) (= (select |v_#length_BEFORE_CALL_410| 1) 2))) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_390| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_390| 3) 0) 0)) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0) 0)) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (exists ((|v_old(#memory_int)_AFTER_CALL_245| (Array Int (Array Int Int)))) (and (= (select (select |v_old(#memory_int)_AFTER_CALL_245| 1) 1) 0) (= (select (select |v_old(#memory_int)_AFTER_CALL_245| 1) 0) 48))) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (not (= (select (select |v_#memory_$Pointer$.base_505| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 4) 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_247| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_562| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_247| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_562| 4294967296)) (or (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_562|) (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_562| 0)))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_390| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_390| 3) 0) 0)) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |v_ULTIMATE.start_l3_insert_~list#1.base_15|)) (and (not (= |ULTIMATE.start_l1_insert_~item~3#1.base| 0)) (not (= (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0) 0)) (not (= |ULTIMATE.start_l2_insert_~item~2#1.base| 0)) (not (= |ULTIMATE.start_l0_insert_~item~4#1.base| 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 1) 1) (= (select |ULTIMATE.start_main_old_#valid#1| 2) 1) (exists ((|v_#memory_$Pointer$.base_BEFORE_CALL_388| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.base_BEFORE_CALL_388| 3) 0) 0)) (= (select |ULTIMATE.start_main_old_#valid#1| 3) 1) (not (= |ULTIMATE.start_l3_insert_~item~1#1.base| 0)) (= |ULTIMATE.start_l2_insert_~list#1.base| |ULTIMATE.start_l1_insert_~item~3#1.base|) (not (= (select (select |v_#memory_$Pointer$.base_505| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 4) 0)) (exists ((|v_zalloc_or_die_#Ultimate.C_memset_#amount#1_247| Int) (|v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_562| Int)) (and (<= (mod |v_zalloc_or_die_#Ultimate.C_memset_#amount#1_247| 4294967296) (mod |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_562| 4294967296)) (or (< 0 |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_562|) (= |v_zalloc_or_die_#Ultimate.C_memset_#t~loopctr40#1_562| 0)))) (= |ULTIMATE.start_l1_insert_~list#1.base| |ULTIMATE.start_l0_insert_~item~4#1.base|) (= (select |ULTIMATE.start_main_old_#valid#1| 0) 0) (= |ULTIMATE.start_l3_insert_~item~1#1.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) (exists ((|v_#length_BEFORE_CALL_408| (Array Int Int))) (and (= 2 (select |v_#length_BEFORE_CALL_408| 1)) (= (select |v_#length_BEFORE_CALL_408| 2) 14) (= (select |v_#length_BEFORE_CALL_408| 3) 4))) (= |ULTIMATE.start_l2_insert_~item~2#1.base| |v_ULTIMATE.start_l3_insert_~list#1.base_15|) (exists ((|v_#memory_$Pointer$.offset_BEFORE_CALL_388| (Array Int (Array Int Int)))) (= (select (select |v_#memory_$Pointer$.offset_BEFORE_CALL_388| 3) 0) 0)) (exists ((|v_old(#memory_int)_AFTER_CALL_244| (Array Int (Array Int Int)))) (and (= 48 (select (select |v_old(#memory_int)_AFTER_CALL_244| 1) 0)) (= (select (select |v_old(#memory_int)_AFTER_CALL_244| 1) 1) 0))))) (= |#memory_int| (store |v_#memory_int_464| |v_ULTIMATE.start_l4_insert_~list#1.base_26| (store (select |v_#memory_int_464| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0 (select (select |#memory_int| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)))) (= |#memory_$Pointer$.offset| (store (store |v_#memory_$Pointer$.offset_504| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0) (store (store (select |v_#memory_$Pointer$.offset_504| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 4 0) 0 (select (select |v_#memory_$Pointer$.offset_504| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_26| (store (select (store |v_#memory_$Pointer$.offset_504| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0) (store (store (select |v_#memory_$Pointer$.offset_504| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 4 0) 0 (select (select |v_#memory_$Pointer$.offset_504| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0))) |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0 0))) (= (store |v_#memory_$Pointer$.base_504| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0) (store (select |v_#memory_$Pointer$.base_504| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 4 (select (select |v_#memory_$Pointer$.base_505| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 4))) |v_#memory_$Pointer$.base_505|) (<= 8 (select |#length| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0))) (= (select |#valid| (select (select |#memory_$Pointer$.base| |v_ULTIMATE.start_l4_insert_~list#1.base_26|) 0)) 1) (<= 4 (select |#length| |v_ULTIMATE.start_l4_insert_~list#1.base_26|)))) (= |ULTIMATE.start_l0_insert_~list#1.base| 3) (= 3 |~#list~0.base|) (= |ULTIMATE.start_l1_insert_~list#1.offset| 4) (= |ULTIMATE.start_l0_insert_~list#1.offset| 0) (= |ULTIMATE.start_l0_insert_~item~4#1.offset| 0) (= |ULTIMATE.start_l1_insert_~item~3#1.offset| 0) (= |ULTIMATE.start_l2_insert_~item~2#1.offset| 0) (= |ULTIMATE.start_l2_insert_~list#1.offset| 0) (= |ULTIMATE.start_l3_insert_~item~1#1.offset| 0))' at error location [2024-11-09 04:50:49,687 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 04:50:49,688 INFO L185 FreeRefinementEngine]: Found 0 perfect and 2 imperfect interpolant sequences. [2024-11-09 04:50:49,688 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 10] total 23 [2024-11-09 04:50:49,688 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1919897142] [2024-11-09 04:50:49,688 INFO L85 oduleStraightlineAll]: Using 2 imperfect interpolants to construct interpolant automaton [2024-11-09 04:50:49,688 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 23 states [2024-11-09 04:50:49,688 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 04:50:49,689 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2024-11-09 04:50:49,689 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=274, Invalid=2172, Unknown=4, NotChecked=0, Total=2450 [2024-11-09 04:50:49,690 INFO L87 Difference]: Start difference. First operand 304 states and 385 transitions. Second operand has 23 states, 21 states have (on average 2.4285714285714284) internal successors, (51), 23 states have internal predecessors, (51), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 04:50:51,379 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 04:50:51,379 INFO L93 Difference]: Finished difference Result 283 states and 336 transitions. [2024-11-09 04:50:51,380 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2024-11-09 04:50:51,380 INFO L78 Accepts]: Start accepts. Automaton has has 23 states, 21 states have (on average 2.4285714285714284) internal successors, (51), 23 states have internal predecessors, (51), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) Word has length 92 [2024-11-09 04:50:51,380 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 04:50:51,382 INFO L225 Difference]: With dead ends: 283 [2024-11-09 04:50:51,382 INFO L226 Difference]: Without dead ends: 277 [2024-11-09 04:50:51,383 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 289 GetRequests, 220 SyntacticMatches, 6 SemanticMatches, 63 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1187 ImplicationChecksByTransitivity, 25.8s TimeCoverageRelationStatistics Valid=477, Invalid=3679, Unknown=4, NotChecked=0, Total=4160 [2024-11-09 04:50:51,384 INFO L432 NwaCegarLoop]: 193 mSDtfsCounter, 38 mSDsluCounter, 2227 mSDsCounter, 0 mSdLazyCounter, 570 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 2420 SdHoareTripleChecker+Invalid, 597 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 570 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2024-11-09 04:50:51,384 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 2420 Invalid, 597 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 570 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2024-11-09 04:50:51,385 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 277 states. [2024-11-09 04:50:51,391 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 277 to 277. [2024-11-09 04:50:51,392 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 277 states, 181 states have (on average 1.6243093922651934) internal successors, (294), 253 states have internal predecessors, (294), 18 states have call successors, (18), 5 states have call predecessors, (18), 5 states have return successors, (18), 18 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-09 04:50:51,394 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 277 states to 277 states and 330 transitions. [2024-11-09 04:50:51,394 INFO L78 Accepts]: Start accepts. Automaton has 277 states and 330 transitions. Word has length 92 [2024-11-09 04:50:51,395 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 04:50:51,395 INFO L471 AbstractCegarLoop]: Abstraction has 277 states and 330 transitions. [2024-11-09 04:50:51,395 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 23 states, 21 states have (on average 2.4285714285714284) internal successors, (51), 23 states have internal predecessors, (51), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 04:50:51,395 INFO L276 IsEmpty]: Start isEmpty. Operand 277 states and 330 transitions. [2024-11-09 04:50:51,396 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 105 [2024-11-09 04:50:51,397 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 04:50:51,397 INFO L215 NwaCegarLoop]: trace histogram [51, 6, 6, 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 04:50:51,433 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (17)] Ended with exit code 0 [2024-11-09 04:50:51,597 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 17 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable17 [2024-11-09 04:50:51,598 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting ULTIMATE.startErr9REQUIRES_VIOLATIONMEMORY_DEREFERENCE === [ULTIMATE.startErr0REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr1REQUIRES_VIOLATIONMEMORY_DEREFERENCE, ULTIMATE.startErr2REQUIRES_VIOLATIONMEMORY_DEREFERENCE (and 84 more)] === [2024-11-09 04:50:51,598 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 04:50:51,599 INFO L85 PathProgramCache]: Analyzing trace with hash 1181470933, now seen corresponding path program 2 times [2024-11-09 04:50:51,599 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 04:50:51,599 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [854116422] [2024-11-09 04:50:51,599 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 04:50:51,599 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 04:50:51,965 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 04:50:58,070 INFO L134 CoverageAnalysis]: Checked inductivity of 1656 backedges. 735 proven. 621 refuted. 0 times theorem prover too weak. 300 trivial. 0 not checked. [2024-11-09 04:50:58,070 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 04:50:58,070 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [854116422] [2024-11-09 04:50:58,070 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [854116422] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 04:50:58,070 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1526719174] [2024-11-09 04:50:58,071 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2024-11-09 04:50:58,071 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 04:50:58,071 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 04:50:58,072 INFO L229 MonitoredProcess]: Starting monitored process 18 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 04:50:58,073 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_916d5c72-4a02-4116-b9e8-52047bee6215/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (18)] Waiting until timeout for monitored process [2024-11-09 04:59:19,591 INFO L227 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 7 check-sat command(s) [2024-11-09 04:59:19,591 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-09 04:59:19,619 INFO L255 TraceCheckSpWp]: Trace formula consists of 878 conjuncts, 85 conjuncts are in the unsatisfiable core [2024-11-09 04:59:19,623 INFO L278 TraceCheckSpWp]: Computing forward predicates...