./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec1_product14.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec1_product14.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 7bf93f828cd20929ce9c5f311b0e320b3840eed4f400e7f2f8e12c9cdbceb4d2 --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:21:06,183 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:21:06,243 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:21:06,247 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:21:06,247 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:21:06,268 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:21:06,269 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:21:06,269 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:21:06,270 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:21:06,270 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:21:06,271 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:21:06,271 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:21:06,271 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:21:06,271 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:21:06,271 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:21:06,271 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:21:06,272 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:21:06,272 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:21:06,272 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:21:06,272 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:21:06,272 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:21:06,272 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:21:06,272 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:21:06,272 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:21:06,272 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:21:06,273 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:21:06,273 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:21:06,273 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:21:06,273 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:21:06,273 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:21:06,273 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:21:06,273 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:21:06,273 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:21:06,273 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:21:06,274 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:21:06,274 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:21:06,274 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:21:06,274 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:21:06,274 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:21:06,274 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:21:06,274 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:21:06,274 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:21:06,274 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:21:06,275 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 7bf93f828cd20929ce9c5f311b0e320b3840eed4f400e7f2f8e12c9cdbceb4d2 [2025-03-03 14:21:06,505 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:21:06,515 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:21:06,517 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:21:06,518 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:21:06,518 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:21:06,520 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec1_product14.cil.c [2025-03-03 14:21:07,658 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/3e440679d/cce8696f9dbc4bd491b7bbab04030dd7/FLAG7b4f554a3 [2025-03-03 14:21:07,981 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:21:07,982 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec1_product14.cil.c [2025-03-03 14:21:08,000 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/3e440679d/cce8696f9dbc4bd491b7bbab04030dd7/FLAG7b4f554a3 [2025-03-03 14:21:08,230 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/3e440679d/cce8696f9dbc4bd491b7bbab04030dd7 [2025-03-03 14:21:08,232 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:21:08,233 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:21:08,234 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:21:08,234 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:21:08,237 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:21:08,238 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,239 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@403dcab9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08, skipping insertion in model container [2025-03-03 14:21:08,240 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,288 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:21:08,639 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec1_product14.cil.c[62671,62684] [2025-03-03 14:21:08,644 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:21:08,658 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:21:08,663 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [48] [2025-03-03 14:21:08,664 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"AddressBookEncrypt_spec.i","") [1128] [2025-03-03 14:21:08,664 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [1170] [2025-03-03 14:21:08,665 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [1456] [2025-03-03 14:21:08,665 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [1562] [2025-03-03 14:21:08,665 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1579] [2025-03-03 14:21:08,665 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [1617] [2025-03-03 14:21:08,665 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [1983] [2025-03-03 14:21:08,665 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [2208] [2025-03-03 14:21:08,666 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [2486] [2025-03-03 14:21:08,666 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [2889] [2025-03-03 14:21:08,746 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec1_product14.cil.c[62671,62684] [2025-03-03 14:21:08,747 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:21:08,770 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:21:08,770 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08 WrapperNode [2025-03-03 14:21:08,771 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:21:08,772 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:21:08,772 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:21:08,772 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:21:08,776 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,790 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,827 INFO L138 Inliner]: procedures = 125, calls = 189, calls flagged for inlining = 50, calls inlined = 42, statements flattened = 887 [2025-03-03 14:21:08,827 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:21:08,828 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:21:08,828 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:21:08,828 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:21:08,835 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,836 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,839 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,861 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:21:08,861 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,861 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,883 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,886 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,890 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,895 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,902 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:21:08,904 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:21:08,905 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:21:08,905 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:21:08,907 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (1/1) ... [2025-03-03 14:21:08,911 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:21:08,920 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:08,933 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:21:08,936 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:21:08,955 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:21:08,955 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:21:08,955 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:21:08,955 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:21:08,955 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:21:08,955 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:21:08,956 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:21:08,956 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:21:08,956 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:21:08,956 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:21:08,956 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:21:08,956 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:21:08,956 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:21:08,957 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:21:08,957 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:21:08,957 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:21:08,957 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:21:08,958 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:21:08,958 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:21:08,958 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:21:08,958 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:21:08,958 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:21:08,958 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:21:08,958 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:21:08,958 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:21:08,958 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:21:08,958 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:21:08,958 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:21:08,958 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:21:08,958 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:21:08,959 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:21:08,959 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:21:08,959 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:21:08,959 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:21:08,959 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:21:08,960 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:21:08,960 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:21:08,960 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:21:08,960 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:21:08,960 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:21:08,960 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:21:08,960 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:21:08,960 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:21:08,960 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:21:08,960 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:21:08,961 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:21:08,961 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:21:08,961 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:21:08,961 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:21:09,112 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:21:09,114 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:21:09,208 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L762: #res#1 := ~retValue_acc~11#1; [2025-03-03 14:21:09,208 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L717-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~10#1; [2025-03-03 14:21:09,369 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1105-1: getClientId_#res#1 := getClientId_~retValue_acc~16#1; [2025-03-03 14:21:09,370 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1436-1: isKeyPairValid_#res#1 := isKeyPairValid_~retValue_acc~21#1; [2025-03-03 14:21:09,370 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L986-1: findPublicKey_#res#1 := findPublicKey_~retValue_acc~14#1; [2025-03-03 14:21:09,370 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L670-1: getClientPrivateKey_#res#1 := getClientPrivateKey_~retValue_acc~9#1; [2025-03-03 14:21:09,384 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1559-1: createEmail_#res#1 := createEmail_~retValue_acc~25#1; [2025-03-03 14:21:09,401 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L214: #res := ~retValue_acc~3; [2025-03-03 14:21:09,413 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2722: #res := ~retValue_acc~39; [2025-03-03 14:21:09,450 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2759: #res := ~retValue_acc~40; [2025-03-03 14:21:09,480 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2607: #res := ~retValue_acc~36; [2025-03-03 14:21:09,528 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L540: #res := ~retValue_acc~7; [2025-03-03 14:21:09,775 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1614-1: valid_product_#res#1 := valid_product_~retValue_acc~28#1; [2025-03-03 14:21:09,775 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1393-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~18#1; [2025-03-03 14:21:09,775 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1402-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~19#1; [2025-03-03 14:21:09,775 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L932-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~13#1; [2025-03-03 14:21:09,775 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1411-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~20#1; [2025-03-03 14:21:09,775 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L825-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~12#1; [2025-03-03 14:21:09,894 INFO L? ?]: Removed 440 outVars from TransFormulas that were not future-live. [2025-03-03 14:21:09,894 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:21:09,911 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:21:09,911 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:21:09,912 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:21:09 BoogieIcfgContainer [2025-03-03 14:21:09,912 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:21:09,916 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:21:09,916 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:21:09,919 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:21:09,920 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:21:08" (1/3) ... [2025-03-03 14:21:09,920 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@11c71c2a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:21:09, skipping insertion in model container [2025-03-03 14:21:09,920 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:08" (2/3) ... [2025-03-03 14:21:09,920 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@11c71c2a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:21:09, skipping insertion in model container [2025-03-03 14:21:09,920 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:21:09" (3/3) ... [2025-03-03 14:21:09,921 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec1_product14.cil.c [2025-03-03 14:21:09,933 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:21:09,936 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec1_product14.cil.c that has 22 procedures, 341 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:21:09,990 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:21:10,000 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7037fa9d, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:21:10,000 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:21:10,006 INFO L276 IsEmpty]: Start isEmpty. Operand has 341 states, 266 states have (on average 1.586466165413534) internal successors, (422), 271 states have internal predecessors, (422), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (52), 51 states have call predecessors, (52), 52 states have call successors, (52) [2025-03-03 14:21:10,019 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2025-03-03 14:21:10,020 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:10,020 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:10,021 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:10,025 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:10,026 INFO L85 PathProgramCache]: Analyzing trace with hash 760164173, now seen corresponding path program 1 times [2025-03-03 14:21:10,030 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:10,031 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1387114918] [2025-03-03 14:21:10,031 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:10,031 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:10,133 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 98 statements into 1 equivalence classes. [2025-03-03 14:21:10,182 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 98 of 98 statements. [2025-03-03 14:21:10,183 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:10,183 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:10,587 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:21:10,588 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:10,588 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1387114918] [2025-03-03 14:21:10,588 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1387114918] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:10,588 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1343945500] [2025-03-03 14:21:10,589 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:10,589 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:10,589 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:10,591 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:10,593 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:21:10,740 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 98 statements into 1 equivalence classes. [2025-03-03 14:21:10,855 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 98 of 98 statements. [2025-03-03 14:21:10,855 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:10,855 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:10,860 INFO L256 TraceCheckSpWp]: Trace formula consists of 947 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:21:10,866 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:10,883 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:21:10,883 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:10,883 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1343945500] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:10,883 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:10,884 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:21:10,885 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [755260707] [2025-03-03 14:21:10,886 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:10,888 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:21:10,888 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:10,902 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:21:10,903 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:10,905 INFO L87 Difference]: Start difference. First operand has 341 states, 266 states have (on average 1.586466165413534) internal successors, (422), 271 states have internal predecessors, (422), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (52), 51 states have call predecessors, (52), 52 states have call successors, (52) Second operand has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:10,951 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:10,951 INFO L93 Difference]: Finished difference Result 495 states and 752 transitions. [2025-03-03 14:21:10,952 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:21:10,957 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 98 [2025-03-03 14:21:10,958 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:10,967 INFO L225 Difference]: With dead ends: 495 [2025-03-03 14:21:10,967 INFO L226 Difference]: Without dead ends: 334 [2025-03-03 14:21:10,972 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 102 GetRequests, 99 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:10,975 INFO L435 NwaCegarLoop]: 523 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 523 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:10,975 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 523 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:10,988 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 334 states. [2025-03-03 14:21:11,015 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 334 to 334. [2025-03-03 14:21:11,016 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 334 states, 260 states have (on average 1.5846153846153845) internal successors, (412), 264 states have internal predecessors, (412), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (51), 50 states have call predecessors, (51), 51 states have call successors, (51) [2025-03-03 14:21:11,022 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 334 states to 334 states and 515 transitions. [2025-03-03 14:21:11,023 INFO L78 Accepts]: Start accepts. Automaton has 334 states and 515 transitions. Word has length 98 [2025-03-03 14:21:11,024 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:11,024 INFO L471 AbstractCegarLoop]: Abstraction has 334 states and 515 transitions. [2025-03-03 14:21:11,024 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:11,024 INFO L276 IsEmpty]: Start isEmpty. Operand 334 states and 515 transitions. [2025-03-03 14:21:11,028 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 100 [2025-03-03 14:21:11,028 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:11,028 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:11,035 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-03 14:21:11,228 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:21:11,229 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:11,229 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:11,229 INFO L85 PathProgramCache]: Analyzing trace with hash 1466159199, now seen corresponding path program 1 times [2025-03-03 14:21:11,229 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:11,229 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [107510775] [2025-03-03 14:21:11,229 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:11,230 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:11,262 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 99 statements into 1 equivalence classes. [2025-03-03 14:21:11,276 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 99 of 99 statements. [2025-03-03 14:21:11,277 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:11,277 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:11,484 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:21:11,485 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:11,485 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [107510775] [2025-03-03 14:21:11,485 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [107510775] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:11,485 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1053638931] [2025-03-03 14:21:11,485 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:11,485 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:11,485 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:11,488 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:11,490 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:21:11,621 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 99 statements into 1 equivalence classes. [2025-03-03 14:21:11,723 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 99 of 99 statements. [2025-03-03 14:21:11,724 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:11,724 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:11,728 INFO L256 TraceCheckSpWp]: Trace formula consists of 948 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:21:11,733 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:11,761 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:21:11,761 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:11,761 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1053638931] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:11,761 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:11,762 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:21:11,762 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [171469728] [2025-03-03 14:21:11,762 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:11,763 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:11,764 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:11,764 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:11,764 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:11,764 INFO L87 Difference]: Start difference. First operand 334 states and 515 transitions. Second operand has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:11,801 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:11,801 INFO L93 Difference]: Finished difference Result 484 states and 730 transitions. [2025-03-03 14:21:11,803 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:11,803 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 99 [2025-03-03 14:21:11,803 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:11,806 INFO L225 Difference]: With dead ends: 484 [2025-03-03 14:21:11,808 INFO L226 Difference]: Without dead ends: 336 [2025-03-03 14:21:11,809 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 103 GetRequests, 99 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:11,810 INFO L435 NwaCegarLoop]: 514 mSDtfsCounter, 0 mSDsluCounter, 512 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1026 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:11,810 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1026 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:11,811 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 336 states. [2025-03-03 14:21:11,827 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 336 to 336. [2025-03-03 14:21:11,828 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 336 states, 262 states have (on average 1.5801526717557253) internal successors, (414), 266 states have internal predecessors, (414), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (51), 50 states have call predecessors, (51), 51 states have call successors, (51) [2025-03-03 14:21:11,833 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 336 states to 336 states and 517 transitions. [2025-03-03 14:21:11,834 INFO L78 Accepts]: Start accepts. Automaton has 336 states and 517 transitions. Word has length 99 [2025-03-03 14:21:11,834 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:11,834 INFO L471 AbstractCegarLoop]: Abstraction has 336 states and 517 transitions. [2025-03-03 14:21:11,834 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:11,834 INFO L276 IsEmpty]: Start isEmpty. Operand 336 states and 517 transitions. [2025-03-03 14:21:11,838 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 105 [2025-03-03 14:21:11,838 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:11,839 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:11,846 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-03-03 14:21:12,039 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:21:12,039 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:12,040 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:12,040 INFO L85 PathProgramCache]: Analyzing trace with hash 931423906, now seen corresponding path program 1 times [2025-03-03 14:21:12,040 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:12,040 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [481632485] [2025-03-03 14:21:12,040 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:12,040 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:12,060 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 104 statements into 1 equivalence classes. [2025-03-03 14:21:12,070 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 104 of 104 statements. [2025-03-03 14:21:12,070 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:12,070 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:12,247 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:21:12,248 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:12,249 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [481632485] [2025-03-03 14:21:12,249 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [481632485] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:12,249 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [9735858] [2025-03-03 14:21:12,249 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:12,249 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:12,249 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:12,251 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:12,254 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:21:12,379 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 104 statements into 1 equivalence classes. [2025-03-03 14:21:12,478 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 104 of 104 statements. [2025-03-03 14:21:12,478 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:12,478 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:12,481 INFO L256 TraceCheckSpWp]: Trace formula consists of 960 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:21:12,485 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:12,505 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:21:12,507 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:12,507 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [9735858] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:12,507 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:12,507 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:21:12,507 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1720477516] [2025-03-03 14:21:12,507 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:12,508 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:12,508 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:12,508 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:12,508 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:12,508 INFO L87 Difference]: Start difference. First operand 336 states and 517 transitions. Second operand has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:12,545 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:12,545 INFO L93 Difference]: Finished difference Result 714 states and 1117 transitions. [2025-03-03 14:21:12,545 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:12,546 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 104 [2025-03-03 14:21:12,546 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:12,549 INFO L225 Difference]: With dead ends: 714 [2025-03-03 14:21:12,549 INFO L226 Difference]: Without dead ends: 405 [2025-03-03 14:21:12,550 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 108 GetRequests, 104 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:12,551 INFO L435 NwaCegarLoop]: 525 mSDtfsCounter, 126 mSDsluCounter, 467 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 992 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:12,552 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 992 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:12,554 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 405 states. [2025-03-03 14:21:12,571 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 405 to 397. [2025-03-03 14:21:12,572 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 397 states, 309 states have (on average 1.598705501618123) internal successors, (494), 313 states have internal predecessors, (494), 66 states have call successors, (66), 21 states have call predecessors, (66), 21 states have return successors, (65), 64 states have call predecessors, (65), 65 states have call successors, (65) [2025-03-03 14:21:12,574 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 397 states to 397 states and 625 transitions. [2025-03-03 14:21:12,574 INFO L78 Accepts]: Start accepts. Automaton has 397 states and 625 transitions. Word has length 104 [2025-03-03 14:21:12,575 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:12,575 INFO L471 AbstractCegarLoop]: Abstraction has 397 states and 625 transitions. [2025-03-03 14:21:12,575 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:12,575 INFO L276 IsEmpty]: Start isEmpty. Operand 397 states and 625 transitions. [2025-03-03 14:21:12,579 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 106 [2025-03-03 14:21:12,580 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:12,580 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:12,587 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2025-03-03 14:21:12,780 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:12,780 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:12,781 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:12,781 INFO L85 PathProgramCache]: Analyzing trace with hash -1624692742, now seen corresponding path program 1 times [2025-03-03 14:21:12,781 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:12,781 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [273545193] [2025-03-03 14:21:12,781 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:12,781 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:12,814 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 105 statements into 1 equivalence classes. [2025-03-03 14:21:12,820 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 105 of 105 statements. [2025-03-03 14:21:12,821 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:12,821 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:12,927 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:21:12,927 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:12,928 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [273545193] [2025-03-03 14:21:12,928 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [273545193] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:12,928 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1342276856] [2025-03-03 14:21:12,928 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:12,928 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:12,928 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:12,931 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:12,932 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:21:13,045 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 105 statements into 1 equivalence classes. [2025-03-03 14:21:13,132 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 105 of 105 statements. [2025-03-03 14:21:13,132 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:13,132 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:13,137 INFO L256 TraceCheckSpWp]: Trace formula consists of 965 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:21:13,140 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:13,181 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:21:13,182 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:13,182 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1342276856] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:13,182 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:13,182 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:21:13,182 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1480757360] [2025-03-03 14:21:13,182 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:13,182 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:13,182 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:13,183 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:13,183 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:21:13,183 INFO L87 Difference]: Start difference. First operand 397 states and 625 transitions. Second operand has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:13,227 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:13,228 INFO L93 Difference]: Finished difference Result 785 states and 1240 transitions. [2025-03-03 14:21:13,228 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:13,228 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 105 [2025-03-03 14:21:13,228 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:13,230 INFO L225 Difference]: With dead ends: 785 [2025-03-03 14:21:13,230 INFO L226 Difference]: Without dead ends: 399 [2025-03-03 14:21:13,231 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 109 GetRequests, 103 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:21:13,232 INFO L435 NwaCegarLoop]: 507 mSDtfsCounter, 2 mSDsluCounter, 1510 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2017 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:13,232 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2017 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:13,233 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 399 states. [2025-03-03 14:21:13,244 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 399 to 399. [2025-03-03 14:21:13,245 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 399 states, 310 states have (on average 1.596774193548387) internal successors, (495), 315 states have internal predecessors, (495), 66 states have call successors, (66), 21 states have call predecessors, (66), 22 states have return successors, (67), 64 states have call predecessors, (67), 65 states have call successors, (67) [2025-03-03 14:21:13,247 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 399 states to 399 states and 628 transitions. [2025-03-03 14:21:13,247 INFO L78 Accepts]: Start accepts. Automaton has 399 states and 628 transitions. Word has length 105 [2025-03-03 14:21:13,247 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:13,249 INFO L471 AbstractCegarLoop]: Abstraction has 399 states and 628 transitions. [2025-03-03 14:21:13,249 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:13,249 INFO L276 IsEmpty]: Start isEmpty. Operand 399 states and 628 transitions. [2025-03-03 14:21:13,252 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2025-03-03 14:21:13,252 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:13,252 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:13,261 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2025-03-03 14:21:13,458 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:13,458 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:13,458 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:13,458 INFO L85 PathProgramCache]: Analyzing trace with hash -919635938, now seen corresponding path program 1 times [2025-03-03 14:21:13,459 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:13,459 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [846742276] [2025-03-03 14:21:13,459 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:13,459 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:13,476 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 106 statements into 1 equivalence classes. [2025-03-03 14:21:13,486 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 106 of 106 statements. [2025-03-03 14:21:13,486 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:13,486 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:13,597 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2025-03-03 14:21:13,597 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:13,597 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [846742276] [2025-03-03 14:21:13,597 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [846742276] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:13,597 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [931263234] [2025-03-03 14:21:13,597 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:13,597 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:13,597 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:13,599 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:13,601 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:21:13,722 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 106 statements into 1 equivalence classes. [2025-03-03 14:21:13,801 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 106 of 106 statements. [2025-03-03 14:21:13,801 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:13,801 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:13,804 INFO L256 TraceCheckSpWp]: Trace formula consists of 966 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:21:13,808 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:13,841 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:21:13,841 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:13,841 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [931263234] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:13,844 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:13,844 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:21:13,844 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2125130373] [2025-03-03 14:21:13,844 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:13,845 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:13,845 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:13,845 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:13,845 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:21:13,845 INFO L87 Difference]: Start difference. First operand 399 states and 628 transitions. Second operand has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:13,902 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:13,903 INFO L93 Difference]: Finished difference Result 787 states and 1245 transitions. [2025-03-03 14:21:13,903 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:13,903 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 106 [2025-03-03 14:21:13,904 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:13,906 INFO L225 Difference]: With dead ends: 787 [2025-03-03 14:21:13,906 INFO L226 Difference]: Without dead ends: 401 [2025-03-03 14:21:13,907 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 113 GetRequests, 104 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:21:13,907 INFO L435 NwaCegarLoop]: 505 mSDtfsCounter, 2 mSDsluCounter, 1498 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2003 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:13,908 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2003 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:13,908 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 401 states. [2025-03-03 14:21:13,924 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 401 to 401. [2025-03-03 14:21:13,925 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 401 states, 311 states have (on average 1.594855305466238) internal successors, (496), 317 states have internal predecessors, (496), 66 states have call successors, (66), 21 states have call predecessors, (66), 23 states have return successors, (72), 64 states have call predecessors, (72), 65 states have call successors, (72) [2025-03-03 14:21:13,927 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 401 states to 401 states and 634 transitions. [2025-03-03 14:21:13,928 INFO L78 Accepts]: Start accepts. Automaton has 401 states and 634 transitions. Word has length 106 [2025-03-03 14:21:13,928 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:13,928 INFO L471 AbstractCegarLoop]: Abstraction has 401 states and 634 transitions. [2025-03-03 14:21:13,928 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:13,928 INFO L276 IsEmpty]: Start isEmpty. Operand 401 states and 634 transitions. [2025-03-03 14:21:13,930 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 108 [2025-03-03 14:21:13,930 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:13,930 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:13,940 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2025-03-03 14:21:14,137 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:14,137 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:14,138 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:14,138 INFO L85 PathProgramCache]: Analyzing trace with hash 1254012533, now seen corresponding path program 1 times [2025-03-03 14:21:14,138 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:14,138 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1653734415] [2025-03-03 14:21:14,138 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:14,138 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:14,152 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 107 statements into 1 equivalence classes. [2025-03-03 14:21:14,161 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 107 of 107 statements. [2025-03-03 14:21:14,161 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:14,161 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:14,245 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:21:14,245 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:14,245 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1653734415] [2025-03-03 14:21:14,246 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1653734415] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:14,246 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:14,246 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:14,246 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [641265351] [2025-03-03 14:21:14,246 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:14,246 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:14,246 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:14,247 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:14,247 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:14,247 INFO L87 Difference]: Start difference. First operand 401 states and 634 transitions. Second operand has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:14,288 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:14,288 INFO L93 Difference]: Finished difference Result 779 states and 1236 transitions. [2025-03-03 14:21:14,288 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:14,289 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 107 [2025-03-03 14:21:14,289 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:14,292 INFO L225 Difference]: With dead ends: 779 [2025-03-03 14:21:14,292 INFO L226 Difference]: Without dead ends: 401 [2025-03-03 14:21:14,294 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:14,294 INFO L435 NwaCegarLoop]: 508 mSDtfsCounter, 2 mSDsluCounter, 1513 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2021 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:14,295 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2021 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:14,296 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 401 states. [2025-03-03 14:21:14,312 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 401 to 401. [2025-03-03 14:21:14,316 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 401 states, 311 states have (on average 1.594855305466238) internal successors, (496), 317 states have internal predecessors, (496), 66 states have call successors, (66), 21 states have call predecessors, (66), 23 states have return successors, (71), 64 states have call predecessors, (71), 65 states have call successors, (71) [2025-03-03 14:21:14,318 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 401 states to 401 states and 633 transitions. [2025-03-03 14:21:14,319 INFO L78 Accepts]: Start accepts. Automaton has 401 states and 633 transitions. Word has length 107 [2025-03-03 14:21:14,320 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:14,320 INFO L471 AbstractCegarLoop]: Abstraction has 401 states and 633 transitions. [2025-03-03 14:21:14,320 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:14,321 INFO L276 IsEmpty]: Start isEmpty. Operand 401 states and 633 transitions. [2025-03-03 14:21:14,322 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 109 [2025-03-03 14:21:14,322 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:14,323 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:14,324 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:21:14,324 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:14,324 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:14,324 INFO L85 PathProgramCache]: Analyzing trace with hash 121600059, now seen corresponding path program 2 times [2025-03-03 14:21:14,325 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:14,325 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1800327569] [2025-03-03 14:21:14,325 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:21:14,325 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:14,342 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 108 statements into 2 equivalence classes. [2025-03-03 14:21:14,356 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 108 of 108 statements. [2025-03-03 14:21:14,356 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-03 14:21:14,356 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:14,430 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:21:14,430 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:14,430 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1800327569] [2025-03-03 14:21:14,430 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1800327569] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:14,430 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:14,430 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:14,430 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [603326048] [2025-03-03 14:21:14,430 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:14,431 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:14,431 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:14,432 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:14,432 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:14,432 INFO L87 Difference]: Start difference. First operand 401 states and 633 transitions. Second operand has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:14,486 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:14,486 INFO L93 Difference]: Finished difference Result 777 states and 1231 transitions. [2025-03-03 14:21:14,487 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:14,487 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 108 [2025-03-03 14:21:14,487 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:14,489 INFO L225 Difference]: With dead ends: 777 [2025-03-03 14:21:14,489 INFO L226 Difference]: Without dead ends: 401 [2025-03-03 14:21:14,490 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:14,490 INFO L435 NwaCegarLoop]: 506 mSDtfsCounter, 2 mSDsluCounter, 1501 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2007 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:14,490 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2007 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:14,491 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 401 states. [2025-03-03 14:21:14,502 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 401 to 401. [2025-03-03 14:21:14,503 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 401 states, 311 states have (on average 1.594855305466238) internal successors, (496), 317 states have internal predecessors, (496), 66 states have call successors, (66), 21 states have call predecessors, (66), 23 states have return successors, (70), 64 states have call predecessors, (70), 65 states have call successors, (70) [2025-03-03 14:21:14,505 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 401 states to 401 states and 632 transitions. [2025-03-03 14:21:14,505 INFO L78 Accepts]: Start accepts. Automaton has 401 states and 632 transitions. Word has length 108 [2025-03-03 14:21:14,506 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:14,506 INFO L471 AbstractCegarLoop]: Abstraction has 401 states and 632 transitions. [2025-03-03 14:21:14,506 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:14,506 INFO L276 IsEmpty]: Start isEmpty. Operand 401 states and 632 transitions. [2025-03-03 14:21:14,508 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 110 [2025-03-03 14:21:14,508 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:14,508 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:14,508 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:21:14,508 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:14,508 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:14,508 INFO L85 PathProgramCache]: Analyzing trace with hash -595452172, now seen corresponding path program 3 times [2025-03-03 14:21:14,508 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:14,508 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1849335736] [2025-03-03 14:21:14,508 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2025-03-03 14:21:14,509 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:14,524 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 partitioned 109 statements into 3 equivalence classes. [2025-03-03 14:21:14,533 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) and asserted 97 of 109 statements. [2025-03-03 14:21:14,533 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2025-03-03 14:21:14,533 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:14,593 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:21:14,594 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:14,594 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1849335736] [2025-03-03 14:21:14,594 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1849335736] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:14,594 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:14,594 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:14,594 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1619178493] [2025-03-03 14:21:14,595 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:14,595 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:14,595 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:14,596 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:14,596 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:14,596 INFO L87 Difference]: Start difference. First operand 401 states and 632 transitions. Second operand has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:14,642 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:14,642 INFO L93 Difference]: Finished difference Result 779 states and 1237 transitions. [2025-03-03 14:21:14,642 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:14,643 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 109 [2025-03-03 14:21:14,643 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:14,646 INFO L225 Difference]: With dead ends: 779 [2025-03-03 14:21:14,646 INFO L226 Difference]: Without dead ends: 403 [2025-03-03 14:21:14,648 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:14,648 INFO L435 NwaCegarLoop]: 509 mSDtfsCounter, 1 mSDsluCounter, 1509 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2018 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:14,648 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2018 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:14,649 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 403 states. [2025-03-03 14:21:14,661 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 403 to 403. [2025-03-03 14:21:14,661 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 403 states, 312 states have (on average 1.5929487179487178) internal successors, (497), 319 states have internal predecessors, (497), 66 states have call successors, (66), 21 states have call predecessors, (66), 24 states have return successors, (75), 64 states have call predecessors, (75), 65 states have call successors, (75) [2025-03-03 14:21:14,663 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 403 states to 403 states and 638 transitions. [2025-03-03 14:21:14,664 INFO L78 Accepts]: Start accepts. Automaton has 403 states and 638 transitions. Word has length 109 [2025-03-03 14:21:14,664 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:14,664 INFO L471 AbstractCegarLoop]: Abstraction has 403 states and 638 transitions. [2025-03-03 14:21:14,664 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:14,664 INFO L276 IsEmpty]: Start isEmpty. Operand 403 states and 638 transitions. [2025-03-03 14:21:14,665 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2025-03-03 14:21:14,665 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:14,666 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:14,666 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:21:14,666 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:14,666 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:14,666 INFO L85 PathProgramCache]: Analyzing trace with hash 1383715422, now seen corresponding path program 1 times [2025-03-03 14:21:14,666 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:14,666 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2048628338] [2025-03-03 14:21:14,666 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:14,666 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:14,678 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-03-03 14:21:14,683 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-03-03 14:21:14,683 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:14,683 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:14,756 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:21:14,756 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:14,756 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2048628338] [2025-03-03 14:21:14,756 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2048628338] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:14,756 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:14,756 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:14,756 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [127934996] [2025-03-03 14:21:14,756 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:14,756 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:14,756 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:14,757 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:14,757 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:14,757 INFO L87 Difference]: Start difference. First operand 403 states and 638 transitions. Second operand has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:14,790 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:14,790 INFO L93 Difference]: Finished difference Result 785 states and 1247 transitions. [2025-03-03 14:21:14,790 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:14,791 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 110 [2025-03-03 14:21:14,791 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:14,793 INFO L225 Difference]: With dead ends: 785 [2025-03-03 14:21:14,793 INFO L226 Difference]: Without dead ends: 405 [2025-03-03 14:21:14,794 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:14,796 INFO L435 NwaCegarLoop]: 509 mSDtfsCounter, 1 mSDsluCounter, 1515 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2024 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:14,796 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2024 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:14,797 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 405 states. [2025-03-03 14:21:14,807 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 405 to 405. [2025-03-03 14:21:14,807 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 405 states, 313 states have (on average 1.5910543130990416) internal successors, (498), 321 states have internal predecessors, (498), 66 states have call successors, (66), 21 states have call predecessors, (66), 25 states have return successors, (77), 64 states have call predecessors, (77), 65 states have call successors, (77) [2025-03-03 14:21:14,810 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 405 states to 405 states and 641 transitions. [2025-03-03 14:21:14,811 INFO L78 Accepts]: Start accepts. Automaton has 405 states and 641 transitions. Word has length 110 [2025-03-03 14:21:14,811 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:14,811 INFO L471 AbstractCegarLoop]: Abstraction has 405 states and 641 transitions. [2025-03-03 14:21:14,811 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:14,811 INFO L276 IsEmpty]: Start isEmpty. Operand 405 states and 641 transitions. [2025-03-03 14:21:14,813 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2025-03-03 14:21:14,813 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:14,813 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:14,814 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:21:14,814 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:14,814 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:14,814 INFO L85 PathProgramCache]: Analyzing trace with hash 1301234395, now seen corresponding path program 1 times [2025-03-03 14:21:14,814 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:14,814 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [632211915] [2025-03-03 14:21:14,814 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:14,814 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:14,828 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:21:14,833 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:21:14,834 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:14,834 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:14,909 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:14,910 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:14,910 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [632211915] [2025-03-03 14:21:14,910 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [632211915] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:14,910 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1383919900] [2025-03-03 14:21:14,910 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:14,910 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:14,910 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:14,912 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:14,914 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:21:15,027 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:21:15,106 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:21:15,106 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:15,106 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:15,110 INFO L256 TraceCheckSpWp]: Trace formula consists of 971 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:21:15,114 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:15,135 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:15,135 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:21:15,196 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:15,198 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1383919900] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:21:15,199 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:21:15,199 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-03 14:21:15,199 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [314150572] [2025-03-03 14:21:15,199 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:21:15,199 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-03 14:21:15,199 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:15,200 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-03 14:21:15,200 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:21:15,200 INFO L87 Difference]: Start difference. First operand 405 states and 641 transitions. Second operand has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:21:15,324 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:15,325 INFO L93 Difference]: Finished difference Result 965 states and 1582 transitions. [2025-03-03 14:21:15,325 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:21:15,325 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 111 [2025-03-03 14:21:15,326 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:15,331 INFO L225 Difference]: With dead ends: 965 [2025-03-03 14:21:15,331 INFO L226 Difference]: Without dead ends: 817 [2025-03-03 14:21:15,332 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 224 GetRequests, 219 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:21:15,333 INFO L435 NwaCegarLoop]: 546 mSDtfsCounter, 372 mSDsluCounter, 1828 mSDsCounter, 0 mSdLazyCounter, 71 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 426 SdHoareTripleChecker+Valid, 2374 SdHoareTripleChecker+Invalid, 72 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 71 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:15,333 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [426 Valid, 2374 Invalid, 72 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 71 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:21:15,334 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 817 states. [2025-03-03 14:21:15,355 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 817 to 793. [2025-03-03 14:21:15,356 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 793 states, 622 states have (on average 1.6495176848874598) internal successors, (1026), 630 states have internal predecessors, (1026), 145 states have call successors, (145), 21 states have call predecessors, (145), 25 states have return successors, (166), 143 states have call predecessors, (166), 144 states have call successors, (166) [2025-03-03 14:21:15,360 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 793 states to 793 states and 1337 transitions. [2025-03-03 14:21:15,361 INFO L78 Accepts]: Start accepts. Automaton has 793 states and 1337 transitions. Word has length 111 [2025-03-03 14:21:15,361 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:15,361 INFO L471 AbstractCegarLoop]: Abstraction has 793 states and 1337 transitions. [2025-03-03 14:21:15,361 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:21:15,361 INFO L276 IsEmpty]: Start isEmpty. Operand 793 states and 1337 transitions. [2025-03-03 14:21:15,365 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 118 [2025-03-03 14:21:15,365 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:15,365 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:15,372 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2025-03-03 14:21:15,566 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:15,566 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:15,566 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:15,567 INFO L85 PathProgramCache]: Analyzing trace with hash 581843067, now seen corresponding path program 1 times [2025-03-03 14:21:15,567 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:15,567 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [106438989] [2025-03-03 14:21:15,567 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:15,567 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:15,580 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 117 statements into 1 equivalence classes. [2025-03-03 14:21:15,585 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 117 of 117 statements. [2025-03-03 14:21:15,586 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:15,586 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:15,611 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:15,611 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:15,611 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [106438989] [2025-03-03 14:21:15,611 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [106438989] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:15,612 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:15,612 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:15,612 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [628788559] [2025-03-03 14:21:15,612 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:15,612 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:15,612 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:15,612 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:15,612 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:15,613 INFO L87 Difference]: Start difference. First operand 793 states and 1337 transitions. Second operand has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:15,643 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:15,644 INFO L93 Difference]: Finished difference Result 1913 states and 3268 transitions. [2025-03-03 14:21:15,644 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:15,644 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 117 [2025-03-03 14:21:15,644 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:15,650 INFO L225 Difference]: With dead ends: 1913 [2025-03-03 14:21:15,650 INFO L226 Difference]: Without dead ends: 1186 [2025-03-03 14:21:15,653 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:15,653 INFO L435 NwaCegarLoop]: 526 mSDtfsCounter, 124 mSDsluCounter, 512 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1038 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:15,653 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1038 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:15,654 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1186 states. [2025-03-03 14:21:15,686 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1186 to 1178. [2025-03-03 14:21:15,688 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1178 states, 928 states have (on average 1.6605603448275863) internal successors, (1541), 936 states have internal predecessors, (1541), 224 states have call successors, (224), 21 states have call predecessors, (224), 25 states have return successors, (255), 222 states have call predecessors, (255), 223 states have call successors, (255) [2025-03-03 14:21:15,694 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1178 states to 1178 states and 2020 transitions. [2025-03-03 14:21:15,695 INFO L78 Accepts]: Start accepts. Automaton has 1178 states and 2020 transitions. Word has length 117 [2025-03-03 14:21:15,695 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:15,695 INFO L471 AbstractCegarLoop]: Abstraction has 1178 states and 2020 transitions. [2025-03-03 14:21:15,696 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:15,696 INFO L276 IsEmpty]: Start isEmpty. Operand 1178 states and 2020 transitions. [2025-03-03 14:21:15,701 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2025-03-03 14:21:15,701 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:15,702 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:15,702 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-03-03 14:21:15,702 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:15,702 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:15,702 INFO L85 PathProgramCache]: Analyzing trace with hash -335420734, now seen corresponding path program 1 times [2025-03-03 14:21:15,703 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:15,703 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [349030934] [2025-03-03 14:21:15,703 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:15,703 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:15,731 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-03 14:21:15,736 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-03 14:21:15,737 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:15,737 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:15,761 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:15,761 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:15,761 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [349030934] [2025-03-03 14:21:15,761 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [349030934] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:15,761 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:15,761 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:15,762 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1083710860] [2025-03-03 14:21:15,762 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:15,762 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:15,762 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:15,762 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:15,762 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:15,763 INFO L87 Difference]: Start difference. First operand 1178 states and 2020 transitions. Second operand has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:15,806 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:15,807 INFO L93 Difference]: Finished difference Result 2851 states and 4915 transitions. [2025-03-03 14:21:15,807 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:15,808 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 118 [2025-03-03 14:21:15,808 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:15,817 INFO L225 Difference]: With dead ends: 2851 [2025-03-03 14:21:15,818 INFO L226 Difference]: Without dead ends: 1790 [2025-03-03 14:21:15,822 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:15,822 INFO L435 NwaCegarLoop]: 521 mSDtfsCounter, 122 mSDsluCounter, 509 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1030 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:15,822 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1030 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:15,824 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1790 states. [2025-03-03 14:21:15,874 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1790 to 1782. [2025-03-03 14:21:15,877 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1782 states, 1413 states have (on average 1.6673743807501769) internal successors, (2356), 1421 states have internal predecessors, (2356), 343 states have call successors, (343), 21 states have call predecessors, (343), 25 states have return successors, (374), 341 states have call predecessors, (374), 342 states have call successors, (374) [2025-03-03 14:21:15,886 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1782 states to 1782 states and 3073 transitions. [2025-03-03 14:21:15,888 INFO L78 Accepts]: Start accepts. Automaton has 1782 states and 3073 transitions. Word has length 118 [2025-03-03 14:21:15,888 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:15,888 INFO L471 AbstractCegarLoop]: Abstraction has 1782 states and 3073 transitions. [2025-03-03 14:21:15,888 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:15,888 INFO L276 IsEmpty]: Start isEmpty. Operand 1782 states and 3073 transitions. [2025-03-03 14:21:15,897 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 120 [2025-03-03 14:21:15,897 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:15,897 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:15,897 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-03 14:21:15,898 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:15,898 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:15,898 INFO L85 PathProgramCache]: Analyzing trace with hash -1936505830, now seen corresponding path program 1 times [2025-03-03 14:21:15,898 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:15,898 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1300029531] [2025-03-03 14:21:15,898 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:15,898 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:15,916 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 119 statements into 1 equivalence classes. [2025-03-03 14:21:15,922 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 119 of 119 statements. [2025-03-03 14:21:15,922 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:15,922 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:15,946 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:15,946 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:15,946 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1300029531] [2025-03-03 14:21:15,946 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1300029531] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:15,946 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:15,946 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:15,946 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2036356593] [2025-03-03 14:21:15,946 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:15,947 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:15,947 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:15,947 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:15,947 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:15,947 INFO L87 Difference]: Start difference. First operand 1782 states and 3073 transitions. Second operand has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:16,013 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:16,014 INFO L93 Difference]: Finished difference Result 4258 states and 7397 transitions. [2025-03-03 14:21:16,014 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:16,014 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 119 [2025-03-03 14:21:16,014 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:16,027 INFO L225 Difference]: With dead ends: 4258 [2025-03-03 14:21:16,028 INFO L226 Difference]: Without dead ends: 2715 [2025-03-03 14:21:16,033 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:16,034 INFO L435 NwaCegarLoop]: 514 mSDtfsCounter, 120 mSDsluCounter, 505 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1019 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:16,034 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1019 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:16,036 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2715 states. [2025-03-03 14:21:16,145 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2715 to 2707. [2025-03-03 14:21:16,150 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2707 states, 2176 states have (on average 1.6732536764705883) internal successors, (3641), 2184 states have internal predecessors, (3641), 505 states have call successors, (505), 21 states have call predecessors, (505), 25 states have return successors, (552), 503 states have call predecessors, (552), 504 states have call successors, (552) [2025-03-03 14:21:16,165 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2707 states to 2707 states and 4698 transitions. [2025-03-03 14:21:16,167 INFO L78 Accepts]: Start accepts. Automaton has 2707 states and 4698 transitions. Word has length 119 [2025-03-03 14:21:16,167 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:16,167 INFO L471 AbstractCegarLoop]: Abstraction has 2707 states and 4698 transitions. [2025-03-03 14:21:16,168 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:16,168 INFO L276 IsEmpty]: Start isEmpty. Operand 2707 states and 4698 transitions. [2025-03-03 14:21:16,180 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 121 [2025-03-03 14:21:16,180 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:16,180 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:16,180 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-03 14:21:16,180 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:16,181 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:16,181 INFO L85 PathProgramCache]: Analyzing trace with hash 213954755, now seen corresponding path program 1 times [2025-03-03 14:21:16,181 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:16,181 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [144957074] [2025-03-03 14:21:16,181 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:16,181 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:16,198 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 120 statements into 1 equivalence classes. [2025-03-03 14:21:16,204 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 120 of 120 statements. [2025-03-03 14:21:16,205 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:16,205 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:16,236 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:16,236 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:16,236 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [144957074] [2025-03-03 14:21:16,236 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [144957074] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:16,236 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:16,236 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:16,236 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [171546873] [2025-03-03 14:21:16,236 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:16,236 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:16,236 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:16,237 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:16,237 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:16,237 INFO L87 Difference]: Start difference. First operand 2707 states and 4698 transitions. Second operand has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:16,337 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:16,338 INFO L93 Difference]: Finished difference Result 6476 states and 11318 transitions. [2025-03-03 14:21:16,338 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:16,338 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 120 [2025-03-03 14:21:16,339 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:16,361 INFO L225 Difference]: With dead ends: 6476 [2025-03-03 14:21:16,362 INFO L226 Difference]: Without dead ends: 4208 [2025-03-03 14:21:16,372 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:16,372 INFO L435 NwaCegarLoop]: 514 mSDtfsCounter, 118 mSDsluCounter, 505 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1019 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:16,372 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1019 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:16,376 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4208 states. [2025-03-03 14:21:16,541 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4208 to 4200. [2025-03-03 14:21:16,548 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4200 states, 3424 states have (on average 1.6775700934579438) internal successors, (5744), 3432 states have internal predecessors, (5744), 750 states have call successors, (750), 21 states have call predecessors, (750), 25 states have return successors, (823), 748 states have call predecessors, (823), 749 states have call successors, (823) [2025-03-03 14:21:16,566 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4200 states to 4200 states and 7317 transitions. [2025-03-03 14:21:16,569 INFO L78 Accepts]: Start accepts. Automaton has 4200 states and 7317 transitions. Word has length 120 [2025-03-03 14:21:16,569 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:16,569 INFO L471 AbstractCegarLoop]: Abstraction has 4200 states and 7317 transitions. [2025-03-03 14:21:16,570 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:16,570 INFO L276 IsEmpty]: Start isEmpty. Operand 4200 states and 7317 transitions. [2025-03-03 14:21:16,583 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2025-03-03 14:21:16,584 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:16,584 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:16,584 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:21:16,584 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:16,584 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:16,585 INFO L85 PathProgramCache]: Analyzing trace with hash 790661337, now seen corresponding path program 1 times [2025-03-03 14:21:16,585 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:16,585 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1305743487] [2025-03-03 14:21:16,585 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:16,585 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:16,598 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 121 statements into 1 equivalence classes. [2025-03-03 14:21:16,604 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 121 of 121 statements. [2025-03-03 14:21:16,604 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:16,604 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:16,632 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:16,633 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:16,633 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1305743487] [2025-03-03 14:21:16,633 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1305743487] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:16,633 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:16,633 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:16,633 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [593830141] [2025-03-03 14:21:16,633 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:16,633 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:16,633 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:16,634 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:16,634 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:16,634 INFO L87 Difference]: Start difference. First operand 4200 states and 7317 transitions. Second operand has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:16,824 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:16,824 INFO L93 Difference]: Finished difference Result 10436 states and 18274 transitions. [2025-03-03 14:21:16,824 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:16,825 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 121 [2025-03-03 14:21:16,825 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:16,859 INFO L225 Difference]: With dead ends: 10436 [2025-03-03 14:21:16,859 INFO L226 Difference]: Without dead ends: 6902 [2025-03-03 14:21:16,870 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:16,871 INFO L435 NwaCegarLoop]: 528 mSDtfsCounter, 116 mSDsluCounter, 513 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1041 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:16,871 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1041 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:16,876 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 6902 states. [2025-03-03 14:21:17,148 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 6902 to 6894. [2025-03-03 14:21:17,159 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6894 states, 5625 states have (on average 1.6728888888888889) internal successors, (9410), 5633 states have internal predecessors, (9410), 1243 states have call successors, (1243), 21 states have call predecessors, (1243), 25 states have return successors, (1360), 1241 states have call predecessors, (1360), 1242 states have call successors, (1360) [2025-03-03 14:21:17,189 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6894 states to 6894 states and 12013 transitions. [2025-03-03 14:21:17,192 INFO L78 Accepts]: Start accepts. Automaton has 6894 states and 12013 transitions. Word has length 121 [2025-03-03 14:21:17,192 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:17,193 INFO L471 AbstractCegarLoop]: Abstraction has 6894 states and 12013 transitions. [2025-03-03 14:21:17,193 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:17,193 INFO L276 IsEmpty]: Start isEmpty. Operand 6894 states and 12013 transitions. [2025-03-03 14:21:17,213 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 123 [2025-03-03 14:21:17,213 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:17,214 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:17,214 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:21:17,214 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:17,214 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:17,214 INFO L85 PathProgramCache]: Analyzing trace with hash 839548420, now seen corresponding path program 1 times [2025-03-03 14:21:17,214 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:17,215 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1179791975] [2025-03-03 14:21:17,215 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:17,215 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:17,228 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 122 statements into 1 equivalence classes. [2025-03-03 14:21:17,233 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 122 of 122 statements. [2025-03-03 14:21:17,234 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:17,234 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:17,258 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:17,258 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:17,258 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1179791975] [2025-03-03 14:21:17,258 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1179791975] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:17,258 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:17,258 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:17,258 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1808539402] [2025-03-03 14:21:17,258 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:17,259 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:17,259 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:17,259 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:17,259 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:17,259 INFO L87 Difference]: Start difference. First operand 6894 states and 12013 transitions. Second operand has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:17,553 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:17,554 INFO L93 Difference]: Finished difference Result 17471 states and 30630 transitions. [2025-03-03 14:21:17,554 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:17,554 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 122 [2025-03-03 14:21:17,554 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:17,606 INFO L225 Difference]: With dead ends: 17471 [2025-03-03 14:21:17,606 INFO L226 Difference]: Without dead ends: 11614 [2025-03-03 14:21:17,630 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:17,630 INFO L435 NwaCegarLoop]: 516 mSDtfsCounter, 114 mSDsluCounter, 508 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 132 SdHoareTripleChecker+Valid, 1024 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:17,630 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [132 Valid, 1024 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:17,639 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11614 states. [2025-03-03 14:21:18,099 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11614 to 11606. [2025-03-03 14:21:18,118 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11606 states, 9515 states have (on average 1.6727272727272726) internal successors, (15916), 9523 states have internal predecessors, (15916), 2065 states have call successors, (2065), 21 states have call predecessors, (2065), 25 states have return successors, (2260), 2063 states have call predecessors, (2260), 2064 states have call successors, (2260) [2025-03-03 14:21:18,166 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11606 states to 11606 states and 20241 transitions. [2025-03-03 14:21:18,175 INFO L78 Accepts]: Start accepts. Automaton has 11606 states and 20241 transitions. Word has length 122 [2025-03-03 14:21:18,176 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:18,176 INFO L471 AbstractCegarLoop]: Abstraction has 11606 states and 20241 transitions. [2025-03-03 14:21:18,177 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:18,177 INFO L276 IsEmpty]: Start isEmpty. Operand 11606 states and 20241 transitions. [2025-03-03 14:21:18,245 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2025-03-03 14:21:18,245 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:18,245 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:18,246 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:21:18,246 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:18,246 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:18,246 INFO L85 PathProgramCache]: Analyzing trace with hash -232114888, now seen corresponding path program 1 times [2025-03-03 14:21:18,246 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:18,246 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [947230534] [2025-03-03 14:21:18,247 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:18,247 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:18,260 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 123 statements into 1 equivalence classes. [2025-03-03 14:21:18,267 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 123 of 123 statements. [2025-03-03 14:21:18,267 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:18,267 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:18,308 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:18,308 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:18,308 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [947230534] [2025-03-03 14:21:18,308 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [947230534] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:18,308 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:18,309 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:18,309 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [575527469] [2025-03-03 14:21:18,309 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:18,309 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:18,309 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:18,309 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:18,309 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:18,309 INFO L87 Difference]: Start difference. First operand 11606 states and 20241 transitions. Second operand has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:18,675 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:18,676 INFO L93 Difference]: Finished difference Result 27702 states and 48272 transitions. [2025-03-03 14:21:18,676 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:18,676 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 123 [2025-03-03 14:21:18,677 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:18,737 INFO L225 Difference]: With dead ends: 27702 [2025-03-03 14:21:18,738 INFO L226 Difference]: Without dead ends: 18070 [2025-03-03 14:21:18,762 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:18,763 INFO L435 NwaCegarLoop]: 521 mSDtfsCounter, 112 mSDsluCounter, 481 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 1002 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:18,763 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 1002 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:18,776 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 18070 states. [2025-03-03 14:21:19,254 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 18070 to 18062. [2025-03-03 14:21:19,281 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 18062 states, 14768 states have (on average 1.648496749729144) internal successors, (24345), 14776 states have internal predecessors, (24345), 3268 states have call successors, (3268), 21 states have call predecessors, (3268), 25 states have return successors, (3607), 3266 states have call predecessors, (3607), 3267 states have call successors, (3607) [2025-03-03 14:21:19,342 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18062 states to 18062 states and 31220 transitions. [2025-03-03 14:21:19,350 INFO L78 Accepts]: Start accepts. Automaton has 18062 states and 31220 transitions. Word has length 123 [2025-03-03 14:21:19,351 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:19,351 INFO L471 AbstractCegarLoop]: Abstraction has 18062 states and 31220 transitions. [2025-03-03 14:21:19,351 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:19,351 INFO L276 IsEmpty]: Start isEmpty. Operand 18062 states and 31220 transitions. [2025-03-03 14:21:19,377 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 125 [2025-03-03 14:21:19,377 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:19,377 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:19,378 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:21:19,378 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:19,378 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:19,379 INFO L85 PathProgramCache]: Analyzing trace with hash 1275604997, now seen corresponding path program 1 times [2025-03-03 14:21:19,379 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:19,379 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1956743389] [2025-03-03 14:21:19,380 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:19,380 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:19,392 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 124 statements into 1 equivalence classes. [2025-03-03 14:21:19,398 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 124 of 124 statements. [2025-03-03 14:21:19,398 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:19,398 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:19,428 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:19,429 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:19,429 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1956743389] [2025-03-03 14:21:19,429 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1956743389] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:19,429 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:19,429 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:19,429 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2061033125] [2025-03-03 14:21:19,429 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:19,430 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:19,431 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:19,431 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:19,431 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:19,431 INFO L87 Difference]: Start difference. First operand 18062 states and 31220 transitions. Second operand has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:20,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:20,195 INFO L93 Difference]: Finished difference Result 47729 states and 82841 transitions. [2025-03-03 14:21:20,195 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:20,196 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 124 [2025-03-03 14:21:20,196 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:20,365 INFO L225 Difference]: With dead ends: 47729 [2025-03-03 14:21:20,365 INFO L226 Difference]: Without dead ends: 32240 [2025-03-03 14:21:20,428 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:20,429 INFO L435 NwaCegarLoop]: 514 mSDtfsCounter, 110 mSDsluCounter, 508 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1022 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:20,429 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1022 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:20,461 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 32240 states. [2025-03-03 14:21:21,442 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 32240 to 32232. [2025-03-03 14:21:21,490 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 32232 states, 26488 states have (on average 1.645499848988221) internal successors, (43586), 26496 states have internal predecessors, (43586), 5718 states have call successors, (5718), 21 states have call predecessors, (5718), 25 states have return successors, (6331), 5716 states have call predecessors, (6331), 5717 states have call successors, (6331) [2025-03-03 14:21:21,595 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 32232 states to 32232 states and 55635 transitions. [2025-03-03 14:21:21,609 INFO L78 Accepts]: Start accepts. Automaton has 32232 states and 55635 transitions. Word has length 124 [2025-03-03 14:21:21,609 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:21,609 INFO L471 AbstractCegarLoop]: Abstraction has 32232 states and 55635 transitions. [2025-03-03 14:21:21,609 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:21,609 INFO L276 IsEmpty]: Start isEmpty. Operand 32232 states and 55635 transitions. [2025-03-03 14:21:21,635 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 126 [2025-03-03 14:21:21,635 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:21,635 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:21,636 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:21:21,636 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:21,636 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:21,636 INFO L85 PathProgramCache]: Analyzing trace with hash -184041289, now seen corresponding path program 1 times [2025-03-03 14:21:21,637 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:21,637 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [416413096] [2025-03-03 14:21:21,637 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:21,637 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:21,649 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 125 statements into 1 equivalence classes. [2025-03-03 14:21:21,655 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 125 of 125 statements. [2025-03-03 14:21:21,655 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:21,655 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:21,822 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:21,823 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:21,823 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [416413096] [2025-03-03 14:21:21,823 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [416413096] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:21,823 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:21,823 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:21,823 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [510923409] [2025-03-03 14:21:21,823 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:21,824 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:21,824 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:21,824 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:21,824 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:21,825 INFO L87 Difference]: Start difference. First operand 32232 states and 55635 transitions. Second operand has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:22,745 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:22,746 INFO L93 Difference]: Finished difference Result 87846 states and 152163 transitions. [2025-03-03 14:21:22,746 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:22,746 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 125 [2025-03-03 14:21:22,746 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:23,012 INFO L225 Difference]: With dead ends: 87846 [2025-03-03 14:21:23,012 INFO L226 Difference]: Without dead ends: 59054 [2025-03-03 14:21:23,099 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:23,100 INFO L435 NwaCegarLoop]: 524 mSDtfsCounter, 108 mSDsluCounter, 509 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 1033 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:23,100 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 1033 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:23,143 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59054 states. [2025-03-03 14:21:24,901 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59054 to 59046. [2025-03-03 14:21:24,986 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59046 states, 48789 states have (on average 1.6414765623398717) internal successors, (80086), 48797 states have internal predecessors, (80086), 10231 states have call successors, (10231), 21 states have call predecessors, (10231), 25 states have return successors, (11376), 10229 states have call predecessors, (11376), 10230 states have call successors, (11376) [2025-03-03 14:21:25,213 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59046 states to 59046 states and 101693 transitions. [2025-03-03 14:21:25,245 INFO L78 Accepts]: Start accepts. Automaton has 59046 states and 101693 transitions. Word has length 125 [2025-03-03 14:21:25,245 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:25,245 INFO L471 AbstractCegarLoop]: Abstraction has 59046 states and 101693 transitions. [2025-03-03 14:21:25,246 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:25,246 INFO L276 IsEmpty]: Start isEmpty. Operand 59046 states and 101693 transitions. [2025-03-03 14:21:25,281 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 127 [2025-03-03 14:21:25,281 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:25,281 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:25,281 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:21:25,282 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:25,282 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:25,282 INFO L85 PathProgramCache]: Analyzing trace with hash -398861658, now seen corresponding path program 1 times [2025-03-03 14:21:25,282 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:25,282 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1241776196] [2025-03-03 14:21:25,282 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:25,282 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:25,300 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 126 statements into 1 equivalence classes. [2025-03-03 14:21:25,306 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 126 of 126 statements. [2025-03-03 14:21:25,306 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:25,306 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:25,340 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:25,340 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:25,340 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1241776196] [2025-03-03 14:21:25,340 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1241776196] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:25,340 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:25,341 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:25,341 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [233197383] [2025-03-03 14:21:25,341 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:25,341 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:25,341 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:25,342 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:25,342 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:25,342 INFO L87 Difference]: Start difference. First operand 59046 states and 101693 transitions. Second operand has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:27,084 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:27,084 INFO L93 Difference]: Finished difference Result 110427 states and 190662 transitions. [2025-03-03 14:21:27,084 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:27,085 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 126 [2025-03-03 14:21:27,086 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:27,642 INFO L225 Difference]: With dead ends: 110427 [2025-03-03 14:21:27,643 INFO L226 Difference]: Without dead ends: 110279 [2025-03-03 14:21:27,723 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:27,725 INFO L435 NwaCegarLoop]: 523 mSDtfsCounter, 103 mSDsluCounter, 513 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 1036 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:27,726 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 1036 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:27,814 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 110279 states. [2025-03-03 14:21:31,044 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 110279 to 110271. [2025-03-03 14:21:31,182 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110271 states, 91646 states have (on average 1.6362961831394713) internal successors, (149960), 91654 states have internal predecessors, (149960), 18599 states have call successors, (18599), 21 states have call predecessors, (18599), 25 states have return successors, (20790), 18597 states have call predecessors, (20790), 18598 states have call successors, (20790) [2025-03-03 14:21:31,561 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110271 states to 110271 states and 189349 transitions. [2025-03-03 14:21:31,606 INFO L78 Accepts]: Start accepts. Automaton has 110271 states and 189349 transitions. Word has length 126 [2025-03-03 14:21:31,606 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:31,606 INFO L471 AbstractCegarLoop]: Abstraction has 110271 states and 189349 transitions. [2025-03-03 14:21:31,607 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:31,607 INFO L276 IsEmpty]: Start isEmpty. Operand 110271 states and 189349 transitions. [2025-03-03 14:21:31,641 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 128 [2025-03-03 14:21:31,641 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:31,641 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:31,641 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:21:31,642 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:31,642 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:31,642 INFO L85 PathProgramCache]: Analyzing trace with hash 972985334, now seen corresponding path program 1 times [2025-03-03 14:21:31,642 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:31,642 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [401790156] [2025-03-03 14:21:31,642 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:31,642 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:31,656 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-03-03 14:21:31,664 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-03-03 14:21:31,666 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:31,666 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:31,872 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:31,872 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:31,873 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [401790156] [2025-03-03 14:21:31,873 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [401790156] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:31,873 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:31,873 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12] imperfect sequences [] total 12 [2025-03-03 14:21:31,873 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1965758916] [2025-03-03 14:21:31,873 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:31,873 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2025-03-03 14:21:31,873 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:31,874 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2025-03-03 14:21:31,874 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=111, Unknown=0, NotChecked=0, Total=132 [2025-03-03 14:21:31,875 INFO L87 Difference]: Start difference. First operand 110271 states and 189349 transitions. Second operand has 12 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 5 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (12), 6 states have call predecessors, (12), 5 states have call successors, (12) [2025-03-03 14:21:36,950 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:36,951 INFO L93 Difference]: Finished difference Result 219684 states and 382704 transitions. [2025-03-03 14:21:36,951 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2025-03-03 14:21:36,951 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 5 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (12), 6 states have call predecessors, (12), 5 states have call successors, (12) Word has length 127 [2025-03-03 14:21:36,951 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:37,976 INFO L225 Difference]: With dead ends: 219684 [2025-03-03 14:21:37,976 INFO L226 Difference]: Without dead ends: 219542 [2025-03-03 14:21:38,075 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 69 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=125, Invalid=525, Unknown=0, NotChecked=0, Total=650 [2025-03-03 14:21:38,076 INFO L435 NwaCegarLoop]: 609 mSDtfsCounter, 1275 mSDsluCounter, 5214 mSDsCounter, 0 mSdLazyCounter, 972 mSolverCounterSat, 353 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1275 SdHoareTripleChecker+Valid, 5823 SdHoareTripleChecker+Invalid, 1325 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 353 IncrementalHoareTripleChecker+Valid, 972 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:38,076 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1275 Valid, 5823 Invalid, 1325 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [353 Valid, 972 Invalid, 0 Unknown, 0 Unchecked, 1.1s Time] [2025-03-03 14:21:38,233 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 219542 states. [2025-03-03 14:21:44,449 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 219542 to 219507. [2025-03-03 14:21:44,687 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 219507 states, 182504 states have (on average 1.6369723403322667) internal successors, (298754), 182409 states have internal predecessors, (298754), 36942 states have call successors, (36942), 54 states have call predecessors, (36942), 60 states have return successors, (44598), 37049 states have call predecessors, (44598), 36939 states have call successors, (44598) [2025-03-03 14:21:46,059 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 219507 states to 219507 states and 380294 transitions. [2025-03-03 14:21:46,127 INFO L78 Accepts]: Start accepts. Automaton has 219507 states and 380294 transitions. Word has length 127 [2025-03-03 14:21:46,128 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:46,128 INFO L471 AbstractCegarLoop]: Abstraction has 219507 states and 380294 transitions. [2025-03-03 14:21:46,129 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 5 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (12), 6 states have call predecessors, (12), 5 states have call successors, (12) [2025-03-03 14:21:46,129 INFO L276 IsEmpty]: Start isEmpty. Operand 219507 states and 380294 transitions. [2025-03-03 14:21:46,199 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 129 [2025-03-03 14:21:46,199 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:46,200 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:46,200 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-03 14:21:46,200 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:46,201 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:46,201 INFO L85 PathProgramCache]: Analyzing trace with hash -1350073561, now seen corresponding path program 1 times [2025-03-03 14:21:46,201 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:46,201 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [771947385] [2025-03-03 14:21:46,201 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:46,201 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:46,225 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 128 statements into 1 equivalence classes. [2025-03-03 14:21:46,237 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 128 of 128 statements. [2025-03-03 14:21:46,237 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:46,237 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:46,370 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:46,370 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:46,370 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [771947385] [2025-03-03 14:21:46,370 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [771947385] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:46,370 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:46,370 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11] imperfect sequences [] total 11 [2025-03-03 14:21:46,370 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1807594567] [2025-03-03 14:21:46,371 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:46,371 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2025-03-03 14:21:46,371 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:46,371 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2025-03-03 14:21:46,372 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=19, Invalid=91, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:21:46,372 INFO L87 Difference]: Start difference. First operand 219507 states and 380294 transitions. Second operand has 11 states, 9 states have (on average 9.777777777777779) internal successors, (88), 9 states have internal predecessors, (88), 6 states have call successors, (15), 3 states have call predecessors, (15), 2 states have return successors, (12), 4 states have call predecessors, (12), 5 states have call successors, (12)