./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec1_product21.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec1_product21.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash cecb11257778d17777e5c48cccb3bea71da01aa9ce120079a5b602041abb00f4 --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:21:18,376 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:21:18,431 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:21:18,439 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:21:18,439 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:21:18,462 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:21:18,463 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:21:18,464 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:21:18,464 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:21:18,464 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:21:18,464 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:21:18,465 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:21:18,465 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:21:18,465 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:21:18,465 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:21:18,465 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:21:18,466 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:21:18,466 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:21:18,466 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:21:18,466 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:21:18,466 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:21:18,466 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:21:18,466 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:21:18,466 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:21:18,466 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:21:18,467 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:21:18,467 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:21:18,467 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:21:18,467 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:21:18,467 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:21:18,467 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:21:18,467 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:21:18,467 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:21:18,467 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:21:18,468 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:21:18,468 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:21:18,468 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:21:18,468 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:21:18,468 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:21:18,468 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:21:18,468 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:21:18,468 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:21:18,468 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:21:18,468 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> cecb11257778d17777e5c48cccb3bea71da01aa9ce120079a5b602041abb00f4 [2025-03-03 14:21:18,673 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:21:18,679 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:21:18,681 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:21:18,681 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:21:18,682 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:21:18,682 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec1_product21.cil.c [2025-03-03 14:21:19,794 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/291e1cca5/11a1c7ab53fd455385503d7de7a2512c/FLAG31b203390 [2025-03-03 14:21:20,153 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:21:20,154 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec1_product21.cil.c [2025-03-03 14:21:20,173 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/291e1cca5/11a1c7ab53fd455385503d7de7a2512c/FLAG31b203390 [2025-03-03 14:21:20,375 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/291e1cca5/11a1c7ab53fd455385503d7de7a2512c [2025-03-03 14:21:20,377 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:21:20,381 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:21:20,382 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:21:20,382 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:21:20,388 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:21:20,388 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:21:20" (1/1) ... [2025-03-03 14:21:20,389 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@d169e3c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:20, skipping insertion in model container [2025-03-03 14:21:20,390 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:21:20" (1/1) ... [2025-03-03 14:21:20,432 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:21:20,845 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec1_product21.cil.c[63391,63404] [2025-03-03 14:21:20,850 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:21:20,865 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:21:20,871 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"AddressBookEncrypt_spec.i","") [48] [2025-03-03 14:21:20,872 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [90] [2025-03-03 14:21:20,873 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [501] [2025-03-03 14:21:20,873 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [730] [2025-03-03 14:21:20,873 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [836] [2025-03-03 14:21:20,873 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [853] [2025-03-03 14:21:20,873 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1219] [2025-03-03 14:21:20,873 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [1257] [2025-03-03 14:21:20,873 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [1577] [2025-03-03 14:21:20,873 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [2649] [2025-03-03 14:21:20,873 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [2937] [2025-03-03 14:21:20,992 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec1_product21.cil.c[63391,63404] [2025-03-03 14:21:20,993 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:21:21,020 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:21:21,022 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21 WrapperNode [2025-03-03 14:21:21,022 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:21:21,023 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:21:21,023 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:21:21,024 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:21:21,028 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,050 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,088 INFO L138 Inliner]: procedures = 128, calls = 197, calls flagged for inlining = 57, calls inlined = 54, statements flattened = 1060 [2025-03-03 14:21:21,088 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:21:21,089 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:21:21,089 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:21:21,089 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:21:21,095 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,095 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,101 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,130 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:21:21,130 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,130 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,155 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,159 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,163 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,168 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,179 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:21:21,180 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:21:21,180 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:21:21,180 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:21:21,180 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (1/1) ... [2025-03-03 14:21:21,190 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:21:21,201 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:21,214 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:21:21,217 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:21:21,237 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:21:21,237 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:21:21,237 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:21:21,237 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:21:21,237 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:21:21,237 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:21:21,238 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:21:21,238 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:21:21,239 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:21:21,239 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:21:21,239 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:21:21,239 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:21:21,239 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:21:21,239 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:21:21,239 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:21:21,239 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:21:21,239 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:21:21,239 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:21:21,239 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:21:21,239 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:21:21,239 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:21:21,239 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:21:21,410 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:21:21,412 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:21:21,489 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2238-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~36#1; [2025-03-03 14:21:21,489 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2283: #res#1 := ~retValue_acc~37#1; [2025-03-03 14:21:21,688 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2579-1: getClientForwardReceiver_#res#1 := getClientForwardReceiver_~retValue_acc~41#1; [2025-03-03 14:21:21,689 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2191-1: getClientPrivateKey_#res#1 := getClientPrivateKey_~retValue_acc~35#1; [2025-03-03 14:21:21,689 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L789-1: isReadable__wrappee__Keys_#res#1 := isReadable__wrappee__Keys_~retValue_acc~11#1; [2025-03-03 14:21:21,689 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L145-1: getEmailId_#res#1 := getEmailId_~retValue_acc~1#1; [2025-03-03 14:21:21,689 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2507-1: findPublicKey_#res#1 := findPublicKey_~retValue_acc~40#1; [2025-03-03 14:21:21,689 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L809-1: isReadable_#res#1 := isReadable_~retValue_acc~12#1; [2025-03-03 14:21:21,689 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2626-1: getClientId_#res#1 := getClientId_~retValue_acc~42#1; [2025-03-03 14:21:21,689 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L182-1: getEmailFrom_#res#1 := getEmailFrom_~retValue_acc~2#1; [2025-03-03 14:21:21,689 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1545-1: isKeyPairValid_#res#1 := isKeyPairValid_~retValue_acc~25#1; [2025-03-03 14:21:21,699 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L833-1: createEmail_#res#1 := createEmail_~retValue_acc~14#1; [2025-03-03 14:21:21,710 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1735: #res := ~retValue_acc~29; [2025-03-03 14:21:21,720 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L334: #res := ~retValue_acc~6; [2025-03-03 14:21:21,746 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L371: #res := ~retValue_acc~7; [2025-03-03 14:21:21,766 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L219: #res := ~retValue_acc~3; [2025-03-03 14:21:21,804 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2061: #res := ~retValue_acc~33; [2025-03-03 14:21:22,021 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1511-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~23#1; [2025-03-03 14:21:22,021 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2453-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~39#1; [2025-03-03 14:21:22,021 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1254-1: valid_product_#res#1 := valid_product_~retValue_acc~20#1; [2025-03-03 14:21:22,021 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1502-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~22#1; [2025-03-03 14:21:22,021 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1520-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~24#1; [2025-03-03 14:21:22,021 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2346-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~38#1; [2025-03-03 14:21:22,150 INFO L? ?]: Removed 521 outVars from TransFormulas that were not future-live. [2025-03-03 14:21:22,150 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:21:22,168 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:21:22,168 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:21:22,168 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:21:22 BoogieIcfgContainer [2025-03-03 14:21:22,168 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:21:22,171 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:21:22,171 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:21:22,174 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:21:22,174 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:21:20" (1/3) ... [2025-03-03 14:21:22,174 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@60744326 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:21:22, skipping insertion in model container [2025-03-03 14:21:22,175 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:21" (2/3) ... [2025-03-03 14:21:22,175 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@60744326 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:21:22, skipping insertion in model container [2025-03-03 14:21:22,175 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:21:22" (3/3) ... [2025-03-03 14:21:22,175 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec1_product21.cil.c [2025-03-03 14:21:22,187 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:21:22,190 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec1_product21.cil.c that has 22 procedures, 375 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:21:22,238 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:21:22,245 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@3408106e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:21:22,246 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:21:22,249 INFO L276 IsEmpty]: Start isEmpty. Operand has 375 states, 295 states have (on average 1.5694915254237287) internal successors, (463), 300 states have internal predecessors, (463), 57 states have call successors, (57), 21 states have call predecessors, (57), 21 states have return successors, (57), 56 states have call predecessors, (57), 57 states have call successors, (57) [2025-03-03 14:21:22,265 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2025-03-03 14:21:22,265 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:22,266 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:22,266 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:22,270 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:22,271 INFO L85 PathProgramCache]: Analyzing trace with hash 970503363, now seen corresponding path program 1 times [2025-03-03 14:21:22,276 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:22,277 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1371741387] [2025-03-03 14:21:22,277 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:22,277 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:22,358 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 98 statements into 1 equivalence classes. [2025-03-03 14:21:22,404 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 98 of 98 statements. [2025-03-03 14:21:22,404 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:22,404 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:22,815 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:21:22,815 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:22,816 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1371741387] [2025-03-03 14:21:22,817 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1371741387] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:22,817 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1153714790] [2025-03-03 14:21:22,817 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:22,817 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:22,817 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:22,819 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:22,821 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:21:22,972 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 98 statements into 1 equivalence classes. [2025-03-03 14:21:23,093 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 98 of 98 statements. [2025-03-03 14:21:23,094 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:23,094 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:23,099 INFO L256 TraceCheckSpWp]: Trace formula consists of 991 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:21:23,104 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:23,120 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:21:23,120 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:23,120 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1153714790] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:23,120 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:23,121 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:21:23,122 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1358482401] [2025-03-03 14:21:23,123 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:23,125 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:21:23,126 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:23,143 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:21:23,144 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:23,147 INFO L87 Difference]: Start difference. First operand has 375 states, 295 states have (on average 1.5694915254237287) internal successors, (463), 300 states have internal predecessors, (463), 57 states have call successors, (57), 21 states have call predecessors, (57), 21 states have return successors, (57), 56 states have call predecessors, (57), 57 states have call successors, (57) Second operand has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:23,190 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:23,191 INFO L93 Difference]: Finished difference Result 558 states and 846 transitions. [2025-03-03 14:21:23,192 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:21:23,193 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 98 [2025-03-03 14:21:23,193 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:23,203 INFO L225 Difference]: With dead ends: 558 [2025-03-03 14:21:23,203 INFO L226 Difference]: Without dead ends: 368 [2025-03-03 14:21:23,208 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 102 GetRequests, 99 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:23,210 INFO L435 NwaCegarLoop]: 574 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 574 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:23,211 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 574 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:23,221 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 368 states. [2025-03-03 14:21:23,249 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 368 to 368. [2025-03-03 14:21:23,250 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 368 states, 289 states have (on average 1.5674740484429066) internal successors, (453), 293 states have internal predecessors, (453), 57 states have call successors, (57), 21 states have call predecessors, (57), 21 states have return successors, (56), 55 states have call predecessors, (56), 56 states have call successors, (56) [2025-03-03 14:21:23,255 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 368 states to 368 states and 566 transitions. [2025-03-03 14:21:23,257 INFO L78 Accepts]: Start accepts. Automaton has 368 states and 566 transitions. Word has length 98 [2025-03-03 14:21:23,257 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:23,258 INFO L471 AbstractCegarLoop]: Abstraction has 368 states and 566 transitions. [2025-03-03 14:21:23,258 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:23,258 INFO L276 IsEmpty]: Start isEmpty. Operand 368 states and 566 transitions. [2025-03-03 14:21:23,262 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 100 [2025-03-03 14:21:23,262 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:23,262 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:23,271 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-03-03 14:21:23,463 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:21:23,463 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:23,464 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:23,464 INFO L85 PathProgramCache]: Analyzing trace with hash 399890701, now seen corresponding path program 1 times [2025-03-03 14:21:23,464 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:23,464 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [220723158] [2025-03-03 14:21:23,464 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:23,464 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:23,503 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 99 statements into 1 equivalence classes. [2025-03-03 14:21:23,515 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 99 of 99 statements. [2025-03-03 14:21:23,518 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:23,518 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:23,680 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:21:23,680 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:23,680 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [220723158] [2025-03-03 14:21:23,680 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [220723158] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:23,681 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1662796797] [2025-03-03 14:21:23,681 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:23,681 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:23,681 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:23,683 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:23,684 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:21:23,830 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 99 statements into 1 equivalence classes. [2025-03-03 14:21:23,933 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 99 of 99 statements. [2025-03-03 14:21:23,933 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:23,933 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:23,936 INFO L256 TraceCheckSpWp]: Trace formula consists of 992 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:21:23,944 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:23,963 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:21:23,966 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:23,967 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1662796797] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:23,967 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:23,967 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:21:23,967 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [931172768] [2025-03-03 14:21:23,967 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:23,967 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:23,967 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:23,968 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:23,968 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:23,968 INFO L87 Difference]: Start difference. First operand 368 states and 566 transitions. Second operand has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:23,991 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:23,991 INFO L93 Difference]: Finished difference Result 547 states and 824 transitions. [2025-03-03 14:21:23,992 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:23,992 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 99 [2025-03-03 14:21:23,992 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:23,995 INFO L225 Difference]: With dead ends: 547 [2025-03-03 14:21:23,995 INFO L226 Difference]: Without dead ends: 370 [2025-03-03 14:21:23,996 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 103 GetRequests, 99 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:23,996 INFO L435 NwaCegarLoop]: 565 mSDtfsCounter, 0 mSDsluCounter, 563 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1128 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:23,997 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1128 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:23,999 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 370 states. [2025-03-03 14:21:24,024 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 370 to 370. [2025-03-03 14:21:24,024 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 370 states, 291 states have (on average 1.563573883161512) internal successors, (455), 295 states have internal predecessors, (455), 57 states have call successors, (57), 21 states have call predecessors, (57), 21 states have return successors, (56), 55 states have call predecessors, (56), 56 states have call successors, (56) [2025-03-03 14:21:24,027 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 370 states to 370 states and 568 transitions. [2025-03-03 14:21:24,027 INFO L78 Accepts]: Start accepts. Automaton has 370 states and 568 transitions. Word has length 99 [2025-03-03 14:21:24,028 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:24,028 INFO L471 AbstractCegarLoop]: Abstraction has 370 states and 568 transitions. [2025-03-03 14:21:24,028 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:24,028 INFO L276 IsEmpty]: Start isEmpty. Operand 370 states and 568 transitions. [2025-03-03 14:21:24,030 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 105 [2025-03-03 14:21:24,031 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:24,031 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:24,039 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2025-03-03 14:21:24,231 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:21:24,232 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:24,232 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:24,232 INFO L85 PathProgramCache]: Analyzing trace with hash 1663737816, now seen corresponding path program 1 times [2025-03-03 14:21:24,232 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:24,232 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1807644433] [2025-03-03 14:21:24,232 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:24,232 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:24,248 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 104 statements into 1 equivalence classes. [2025-03-03 14:21:24,255 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 104 of 104 statements. [2025-03-03 14:21:24,257 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:24,257 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:24,430 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:21:24,432 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:24,432 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1807644433] [2025-03-03 14:21:24,432 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1807644433] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:24,432 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1831781353] [2025-03-03 14:21:24,432 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:24,432 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:24,432 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:24,434 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:24,436 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:21:24,559 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 104 statements into 1 equivalence classes. [2025-03-03 14:21:24,659 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 104 of 104 statements. [2025-03-03 14:21:24,659 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:24,659 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:24,662 INFO L256 TraceCheckSpWp]: Trace formula consists of 1004 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:21:24,666 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:24,679 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:21:24,679 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:24,680 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1831781353] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:24,680 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:24,680 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:21:24,680 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2076019332] [2025-03-03 14:21:24,680 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:24,680 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:24,680 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:24,681 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:24,681 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:24,681 INFO L87 Difference]: Start difference. First operand 370 states and 568 transitions. Second operand has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:24,720 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:24,721 INFO L93 Difference]: Finished difference Result 787 states and 1227 transitions. [2025-03-03 14:21:24,722 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:24,722 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 104 [2025-03-03 14:21:24,723 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:24,725 INFO L225 Difference]: With dead ends: 787 [2025-03-03 14:21:24,726 INFO L226 Difference]: Without dead ends: 444 [2025-03-03 14:21:24,728 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 108 GetRequests, 104 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:24,730 INFO L435 NwaCegarLoop]: 567 mSDtfsCounter, 134 mSDsluCounter, 517 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 152 SdHoareTripleChecker+Valid, 1084 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:24,730 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [152 Valid, 1084 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:24,734 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 444 states. [2025-03-03 14:21:24,757 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 444 to 436. [2025-03-03 14:21:24,758 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 436 states, 343 states have (on average 1.5830903790087463) internal successors, (543), 347 states have internal predecessors, (543), 71 states have call successors, (71), 21 states have call predecessors, (71), 21 states have return successors, (70), 69 states have call predecessors, (70), 70 states have call successors, (70) [2025-03-03 14:21:24,762 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 436 states to 436 states and 684 transitions. [2025-03-03 14:21:24,763 INFO L78 Accepts]: Start accepts. Automaton has 436 states and 684 transitions. Word has length 104 [2025-03-03 14:21:24,763 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:24,763 INFO L471 AbstractCegarLoop]: Abstraction has 436 states and 684 transitions. [2025-03-03 14:21:24,763 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:24,764 INFO L276 IsEmpty]: Start isEmpty. Operand 436 states and 684 transitions. [2025-03-03 14:21:24,766 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 106 [2025-03-03 14:21:24,767 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:24,767 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:24,774 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2025-03-03 14:21:24,971 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:24,971 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:24,972 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:24,972 INFO L85 PathProgramCache]: Analyzing trace with hash 1881581864, now seen corresponding path program 1 times [2025-03-03 14:21:24,972 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:24,972 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1676820828] [2025-03-03 14:21:24,972 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:24,972 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:24,990 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 105 statements into 1 equivalence classes. [2025-03-03 14:21:24,997 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 105 of 105 statements. [2025-03-03 14:21:24,997 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:24,997 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:25,127 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:21:25,128 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:25,128 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1676820828] [2025-03-03 14:21:25,128 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1676820828] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:25,128 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [567846032] [2025-03-03 14:21:25,128 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:25,128 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:25,128 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:25,131 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:25,132 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:21:25,262 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 105 statements into 1 equivalence classes. [2025-03-03 14:21:25,357 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 105 of 105 statements. [2025-03-03 14:21:25,357 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:25,357 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:25,361 INFO L256 TraceCheckSpWp]: Trace formula consists of 1009 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:21:25,364 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:25,405 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:21:25,405 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:25,406 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [567846032] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:25,406 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:25,406 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:21:25,406 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1673395189] [2025-03-03 14:21:25,406 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:25,406 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:25,406 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:25,407 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:25,407 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:21:25,407 INFO L87 Difference]: Start difference. First operand 436 states and 684 transitions. Second operand has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:25,467 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:25,468 INFO L93 Difference]: Finished difference Result 863 states and 1358 transitions. [2025-03-03 14:21:25,468 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:25,468 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 105 [2025-03-03 14:21:25,468 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:25,472 INFO L225 Difference]: With dead ends: 863 [2025-03-03 14:21:25,472 INFO L226 Difference]: Without dead ends: 438 [2025-03-03 14:21:25,474 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 109 GetRequests, 103 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:21:25,474 INFO L435 NwaCegarLoop]: 558 mSDtfsCounter, 2 mSDsluCounter, 1663 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2221 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:25,475 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2221 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:25,476 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 438 states. [2025-03-03 14:21:25,493 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 438 to 438. [2025-03-03 14:21:25,493 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 438 states, 344 states have (on average 1.5813953488372092) internal successors, (544), 349 states have internal predecessors, (544), 71 states have call successors, (71), 21 states have call predecessors, (71), 22 states have return successors, (72), 69 states have call predecessors, (72), 70 states have call successors, (72) [2025-03-03 14:21:25,497 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 438 states to 438 states and 687 transitions. [2025-03-03 14:21:25,497 INFO L78 Accepts]: Start accepts. Automaton has 438 states and 687 transitions. Word has length 105 [2025-03-03 14:21:25,497 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:25,497 INFO L471 AbstractCegarLoop]: Abstraction has 438 states and 687 transitions. [2025-03-03 14:21:25,497 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:25,498 INFO L276 IsEmpty]: Start isEmpty. Operand 438 states and 687 transitions. [2025-03-03 14:21:25,500 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2025-03-03 14:21:25,500 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:25,500 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:25,507 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2025-03-03 14:21:25,700 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:25,701 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:25,701 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:25,701 INFO L85 PathProgramCache]: Analyzing trace with hash 1105997704, now seen corresponding path program 1 times [2025-03-03 14:21:25,701 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:25,701 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [559677473] [2025-03-03 14:21:25,701 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:25,701 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:25,720 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 106 statements into 1 equivalence classes. [2025-03-03 14:21:25,728 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 106 of 106 statements. [2025-03-03 14:21:25,731 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:25,731 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:25,860 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2025-03-03 14:21:25,861 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:25,861 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [559677473] [2025-03-03 14:21:25,861 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [559677473] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:25,861 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1546502001] [2025-03-03 14:21:25,861 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:25,861 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:25,861 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:25,863 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:25,865 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:21:25,982 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 106 statements into 1 equivalence classes. [2025-03-03 14:21:26,065 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 106 of 106 statements. [2025-03-03 14:21:26,065 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:26,065 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:26,069 INFO L256 TraceCheckSpWp]: Trace formula consists of 1010 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:21:26,072 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:26,109 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:21:26,109 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:26,109 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1546502001] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:26,109 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:26,109 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:21:26,109 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [938971823] [2025-03-03 14:21:26,110 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:26,110 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:26,110 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:26,110 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:26,112 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:21:26,113 INFO L87 Difference]: Start difference. First operand 438 states and 687 transitions. Second operand has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:26,165 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:26,165 INFO L93 Difference]: Finished difference Result 865 states and 1363 transitions. [2025-03-03 14:21:26,166 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:26,166 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 106 [2025-03-03 14:21:26,166 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:26,168 INFO L225 Difference]: With dead ends: 865 [2025-03-03 14:21:26,169 INFO L226 Difference]: Without dead ends: 440 [2025-03-03 14:21:26,170 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 113 GetRequests, 104 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:21:26,170 INFO L435 NwaCegarLoop]: 556 mSDtfsCounter, 2 mSDsluCounter, 1651 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2207 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:26,171 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2207 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:26,171 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 440 states. [2025-03-03 14:21:26,181 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 440 to 440. [2025-03-03 14:21:26,182 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 345 states have (on average 1.5797101449275361) internal successors, (545), 351 states have internal predecessors, (545), 71 states have call successors, (71), 21 states have call predecessors, (71), 23 states have return successors, (77), 69 states have call predecessors, (77), 70 states have call successors, (77) [2025-03-03 14:21:26,184 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 693 transitions. [2025-03-03 14:21:26,185 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 693 transitions. Word has length 106 [2025-03-03 14:21:26,185 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:26,185 INFO L471 AbstractCegarLoop]: Abstraction has 440 states and 693 transitions. [2025-03-03 14:21:26,185 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:26,185 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 693 transitions. [2025-03-03 14:21:26,187 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 108 [2025-03-03 14:21:26,187 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:26,187 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:26,194 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2025-03-03 14:21:26,387 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:26,388 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:26,388 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:26,388 INFO L85 PathProgramCache]: Analyzing trace with hash -1573283215, now seen corresponding path program 1 times [2025-03-03 14:21:26,388 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:26,388 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [670813770] [2025-03-03 14:21:26,388 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:26,388 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:26,402 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 107 statements into 1 equivalence classes. [2025-03-03 14:21:26,407 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 107 of 107 statements. [2025-03-03 14:21:26,407 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:26,407 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:26,492 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:21:26,492 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:26,492 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [670813770] [2025-03-03 14:21:26,492 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [670813770] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:26,492 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:26,492 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:26,493 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1622511241] [2025-03-03 14:21:26,493 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:26,493 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:26,493 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:26,494 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:26,494 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:26,494 INFO L87 Difference]: Start difference. First operand 440 states and 693 transitions. Second operand has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:26,526 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:26,527 INFO L93 Difference]: Finished difference Result 857 states and 1354 transitions. [2025-03-03 14:21:26,527 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:26,527 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 107 [2025-03-03 14:21:26,527 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:26,530 INFO L225 Difference]: With dead ends: 857 [2025-03-03 14:21:26,530 INFO L226 Difference]: Without dead ends: 440 [2025-03-03 14:21:26,531 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:26,531 INFO L435 NwaCegarLoop]: 559 mSDtfsCounter, 2 mSDsluCounter, 1666 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2225 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:26,532 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2225 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:26,532 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 440 states. [2025-03-03 14:21:26,545 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 440 to 440. [2025-03-03 14:21:26,546 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 345 states have (on average 1.5797101449275361) internal successors, (545), 351 states have internal predecessors, (545), 71 states have call successors, (71), 21 states have call predecessors, (71), 23 states have return successors, (76), 69 states have call predecessors, (76), 70 states have call successors, (76) [2025-03-03 14:21:26,549 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 692 transitions. [2025-03-03 14:21:26,549 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 692 transitions. Word has length 107 [2025-03-03 14:21:26,550 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:26,550 INFO L471 AbstractCegarLoop]: Abstraction has 440 states and 692 transitions. [2025-03-03 14:21:26,550 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:26,550 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 692 transitions. [2025-03-03 14:21:26,551 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 109 [2025-03-03 14:21:26,552 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:26,552 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:26,552 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:21:26,552 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:26,552 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:26,552 INFO L85 PathProgramCache]: Analyzing trace with hash -739947661, now seen corresponding path program 2 times [2025-03-03 14:21:26,552 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:26,552 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1738349860] [2025-03-03 14:21:26,553 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:21:26,553 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:26,566 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 108 statements into 2 equivalence classes. [2025-03-03 14:21:26,575 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 108 of 108 statements. [2025-03-03 14:21:26,575 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-03 14:21:26,575 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:26,661 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:21:26,661 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:26,661 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1738349860] [2025-03-03 14:21:26,661 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1738349860] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:26,661 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:26,661 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:26,661 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [342813052] [2025-03-03 14:21:26,661 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:26,661 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:26,661 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:26,662 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:26,662 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:26,662 INFO L87 Difference]: Start difference. First operand 440 states and 692 transitions. Second operand has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:26,701 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:26,701 INFO L93 Difference]: Finished difference Result 855 states and 1349 transitions. [2025-03-03 14:21:26,702 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:26,702 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 108 [2025-03-03 14:21:26,702 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:26,704 INFO L225 Difference]: With dead ends: 855 [2025-03-03 14:21:26,704 INFO L226 Difference]: Without dead ends: 440 [2025-03-03 14:21:26,705 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:26,706 INFO L435 NwaCegarLoop]: 557 mSDtfsCounter, 2 mSDsluCounter, 1654 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2211 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:26,706 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2211 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:26,707 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 440 states. [2025-03-03 14:21:26,718 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 440 to 440. [2025-03-03 14:21:26,719 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 345 states have (on average 1.5797101449275361) internal successors, (545), 351 states have internal predecessors, (545), 71 states have call successors, (71), 21 states have call predecessors, (71), 23 states have return successors, (75), 69 states have call predecessors, (75), 70 states have call successors, (75) [2025-03-03 14:21:26,721 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 691 transitions. [2025-03-03 14:21:26,722 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 691 transitions. Word has length 108 [2025-03-03 14:21:26,722 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:26,722 INFO L471 AbstractCegarLoop]: Abstraction has 440 states and 691 transitions. [2025-03-03 14:21:26,723 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:26,723 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 691 transitions. [2025-03-03 14:21:26,724 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 110 [2025-03-03 14:21:26,724 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:26,724 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:26,724 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:21:26,725 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:26,725 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:26,725 INFO L85 PathProgramCache]: Analyzing trace with hash 1861585598, now seen corresponding path program 3 times [2025-03-03 14:21:26,725 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:26,725 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1575724402] [2025-03-03 14:21:26,725 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2025-03-03 14:21:26,725 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:26,740 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 partitioned 109 statements into 3 equivalence classes. [2025-03-03 14:21:26,750 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) and asserted 97 of 109 statements. [2025-03-03 14:21:26,750 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2025-03-03 14:21:26,750 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:26,810 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:21:26,810 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:26,811 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1575724402] [2025-03-03 14:21:26,811 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1575724402] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:26,811 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:26,811 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:26,811 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1074868614] [2025-03-03 14:21:26,811 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:26,811 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:26,811 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:26,812 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:26,812 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:26,812 INFO L87 Difference]: Start difference. First operand 440 states and 691 transitions. Second operand has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:26,858 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:26,858 INFO L93 Difference]: Finished difference Result 857 states and 1355 transitions. [2025-03-03 14:21:26,858 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:26,858 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 109 [2025-03-03 14:21:26,859 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:26,861 INFO L225 Difference]: With dead ends: 857 [2025-03-03 14:21:26,861 INFO L226 Difference]: Without dead ends: 442 [2025-03-03 14:21:26,862 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:26,863 INFO L435 NwaCegarLoop]: 560 mSDtfsCounter, 1 mSDsluCounter, 1662 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2222 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:26,863 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2222 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:26,864 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 442 states. [2025-03-03 14:21:26,876 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 442 to 442. [2025-03-03 14:21:26,877 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 442 states, 346 states have (on average 1.5780346820809248) internal successors, (546), 353 states have internal predecessors, (546), 71 states have call successors, (71), 21 states have call predecessors, (71), 24 states have return successors, (80), 69 states have call predecessors, (80), 70 states have call successors, (80) [2025-03-03 14:21:26,880 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 442 states to 442 states and 697 transitions. [2025-03-03 14:21:26,880 INFO L78 Accepts]: Start accepts. Automaton has 442 states and 697 transitions. Word has length 109 [2025-03-03 14:21:26,881 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:26,881 INFO L471 AbstractCegarLoop]: Abstraction has 442 states and 697 transitions. [2025-03-03 14:21:26,881 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:26,881 INFO L276 IsEmpty]: Start isEmpty. Operand 442 states and 697 transitions. [2025-03-03 14:21:26,882 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2025-03-03 14:21:26,882 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:26,882 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:26,882 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:21:26,883 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:26,883 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:26,883 INFO L85 PathProgramCache]: Analyzing trace with hash -1265355881, now seen corresponding path program 1 times [2025-03-03 14:21:26,884 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:26,884 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [428787401] [2025-03-03 14:21:26,884 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:26,884 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:26,897 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-03-03 14:21:26,903 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-03-03 14:21:26,903 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:26,903 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:26,976 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:21:26,976 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:26,976 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [428787401] [2025-03-03 14:21:26,976 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [428787401] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:26,976 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:26,976 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:26,976 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1794667502] [2025-03-03 14:21:26,977 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:26,977 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:26,977 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:26,977 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:26,977 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:26,977 INFO L87 Difference]: Start difference. First operand 442 states and 697 transitions. Second operand has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:27,015 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:27,016 INFO L93 Difference]: Finished difference Result 863 states and 1365 transitions. [2025-03-03 14:21:27,016 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:27,016 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 110 [2025-03-03 14:21:27,016 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:27,018 INFO L225 Difference]: With dead ends: 863 [2025-03-03 14:21:27,018 INFO L226 Difference]: Without dead ends: 444 [2025-03-03 14:21:27,020 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:27,021 INFO L435 NwaCegarLoop]: 560 mSDtfsCounter, 1 mSDsluCounter, 1668 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2228 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:27,021 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2228 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:27,022 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 444 states. [2025-03-03 14:21:27,032 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 444 to 444. [2025-03-03 14:21:27,033 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 444 states, 347 states have (on average 1.5763688760806915) internal successors, (547), 355 states have internal predecessors, (547), 71 states have call successors, (71), 21 states have call predecessors, (71), 25 states have return successors, (82), 69 states have call predecessors, (82), 70 states have call successors, (82) [2025-03-03 14:21:27,035 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 444 states to 444 states and 700 transitions. [2025-03-03 14:21:27,036 INFO L78 Accepts]: Start accepts. Automaton has 444 states and 700 transitions. Word has length 110 [2025-03-03 14:21:27,036 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:27,036 INFO L471 AbstractCegarLoop]: Abstraction has 444 states and 700 transitions. [2025-03-03 14:21:27,037 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:27,037 INFO L276 IsEmpty]: Start isEmpty. Operand 444 states and 700 transitions. [2025-03-03 14:21:27,038 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2025-03-03 14:21:27,038 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:27,038 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:27,038 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:21:27,039 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:27,039 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:27,039 INFO L85 PathProgramCache]: Analyzing trace with hash -1627415720, now seen corresponding path program 1 times [2025-03-03 14:21:27,039 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:27,039 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1479642786] [2025-03-03 14:21:27,039 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:27,039 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:27,062 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:21:27,068 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:21:27,068 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:27,068 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:27,130 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:21:27,130 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:27,131 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1479642786] [2025-03-03 14:21:27,131 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1479642786] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:27,131 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:27,131 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:27,131 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1925294128] [2025-03-03 14:21:27,131 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:27,131 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:27,131 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:27,132 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:27,132 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:27,132 INFO L87 Difference]: Start difference. First operand 444 states and 700 transitions. Second operand has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:27,176 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:27,176 INFO L93 Difference]: Finished difference Result 863 states and 1368 transitions. [2025-03-03 14:21:27,176 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:27,177 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 111 [2025-03-03 14:21:27,177 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:27,179 INFO L225 Difference]: With dead ends: 863 [2025-03-03 14:21:27,179 INFO L226 Difference]: Without dead ends: 446 [2025-03-03 14:21:27,181 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:27,181 INFO L435 NwaCegarLoop]: 556 mSDtfsCounter, 0 mSDsluCounter, 1651 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1 SdHoareTripleChecker+Valid, 2207 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:27,181 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1 Valid, 2207 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:27,182 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 446 states. [2025-03-03 14:21:27,191 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 446 to 444. [2025-03-03 14:21:27,192 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 444 states, 347 states have (on average 1.5763688760806915) internal successors, (547), 355 states have internal predecessors, (547), 71 states have call successors, (71), 21 states have call predecessors, (71), 25 states have return successors, (82), 69 states have call predecessors, (82), 70 states have call successors, (82) [2025-03-03 14:21:27,195 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 444 states to 444 states and 700 transitions. [2025-03-03 14:21:27,195 INFO L78 Accepts]: Start accepts. Automaton has 444 states and 700 transitions. Word has length 111 [2025-03-03 14:21:27,196 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:27,196 INFO L471 AbstractCegarLoop]: Abstraction has 444 states and 700 transitions. [2025-03-03 14:21:27,196 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:21:27,196 INFO L276 IsEmpty]: Start isEmpty. Operand 444 states and 700 transitions. [2025-03-03 14:21:27,197 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2025-03-03 14:21:27,198 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:27,198 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:27,198 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2025-03-03 14:21:27,198 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:27,198 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:27,198 INFO L85 PathProgramCache]: Analyzing trace with hash -1019338857, now seen corresponding path program 1 times [2025-03-03 14:21:27,198 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:27,198 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [472070218] [2025-03-03 14:21:27,199 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:27,199 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:27,211 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:21:27,217 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:21:27,218 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:27,218 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:27,284 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:27,284 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:27,284 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [472070218] [2025-03-03 14:21:27,284 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [472070218] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:27,284 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1839200805] [2025-03-03 14:21:27,284 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:27,284 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:27,285 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:27,286 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:27,288 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:21:27,410 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:21:27,494 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:21:27,494 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:27,494 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:27,498 INFO L256 TraceCheckSpWp]: Trace formula consists of 1015 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:21:27,501 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:27,521 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:27,521 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:21:27,586 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:27,586 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1839200805] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:21:27,586 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:21:27,586 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-03 14:21:27,586 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1144455091] [2025-03-03 14:21:27,586 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:21:27,587 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-03 14:21:27,587 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:27,587 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-03 14:21:27,587 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:21:27,587 INFO L87 Difference]: Start difference. First operand 444 states and 700 transitions. Second operand has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:21:27,705 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:27,705 INFO L93 Difference]: Finished difference Result 1058 states and 1724 transitions. [2025-03-03 14:21:27,705 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:21:27,705 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 111 [2025-03-03 14:21:27,705 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:27,710 INFO L225 Difference]: With dead ends: 1058 [2025-03-03 14:21:27,710 INFO L226 Difference]: Without dead ends: 881 [2025-03-03 14:21:27,711 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 224 GetRequests, 219 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:21:27,711 INFO L435 NwaCegarLoop]: 600 mSDtfsCounter, 520 mSDsluCounter, 1492 mSDsCounter, 0 mSdLazyCounter, 69 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 574 SdHoareTripleChecker+Valid, 2092 SdHoareTripleChecker+Invalid, 80 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 69 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:27,711 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [574 Valid, 2092 Invalid, 80 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 69 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:21:27,712 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 881 states. [2025-03-03 14:21:27,730 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 881 to 857. [2025-03-03 14:21:27,731 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 857 states, 681 states have (on average 1.6372980910425845) internal successors, (1115), 689 states have internal predecessors, (1115), 150 states have call successors, (150), 21 states have call predecessors, (150), 25 states have return successors, (171), 148 states have call predecessors, (171), 149 states have call successors, (171) [2025-03-03 14:21:27,735 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 857 states to 857 states and 1436 transitions. [2025-03-03 14:21:27,735 INFO L78 Accepts]: Start accepts. Automaton has 857 states and 1436 transitions. Word has length 111 [2025-03-03 14:21:27,736 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:27,736 INFO L471 AbstractCegarLoop]: Abstraction has 857 states and 1436 transitions. [2025-03-03 14:21:27,736 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:21:27,736 INFO L276 IsEmpty]: Start isEmpty. Operand 857 states and 1436 transitions. [2025-03-03 14:21:27,739 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 118 [2025-03-03 14:21:27,739 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:27,739 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:27,750 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Ended with exit code 0 [2025-03-03 14:21:27,939 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:27,940 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:27,940 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:27,940 INFO L85 PathProgramCache]: Analyzing trace with hash -1455337737, now seen corresponding path program 1 times [2025-03-03 14:21:27,940 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:27,940 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1217397603] [2025-03-03 14:21:27,940 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:27,940 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:27,952 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 117 statements into 1 equivalence classes. [2025-03-03 14:21:27,958 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 117 of 117 statements. [2025-03-03 14:21:27,958 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:27,958 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:28,000 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:28,000 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:28,000 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1217397603] [2025-03-03 14:21:28,001 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1217397603] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:28,001 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:28,001 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:28,001 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [263115804] [2025-03-03 14:21:28,001 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:28,001 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:28,001 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:28,002 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:28,002 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:28,002 INFO L87 Difference]: Start difference. First operand 857 states and 1436 transitions. Second operand has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:28,041 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:28,041 INFO L93 Difference]: Finished difference Result 2066 states and 3506 transitions. [2025-03-03 14:21:28,042 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:28,042 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 117 [2025-03-03 14:21:28,042 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:28,049 INFO L225 Difference]: With dead ends: 2066 [2025-03-03 14:21:28,049 INFO L226 Difference]: Without dead ends: 1275 [2025-03-03 14:21:28,052 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:28,052 INFO L435 NwaCegarLoop]: 584 mSDtfsCounter, 132 mSDsluCounter, 564 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 1148 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:28,053 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 1148 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:28,054 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1275 states. [2025-03-03 14:21:28,100 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1275 to 1267. [2025-03-03 14:21:28,102 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1267 states, 1012 states have (on average 1.650197628458498) internal successors, (1670), 1020 states have internal predecessors, (1670), 229 states have call successors, (229), 21 states have call predecessors, (229), 25 states have return successors, (260), 227 states have call predecessors, (260), 228 states have call successors, (260) [2025-03-03 14:21:28,109 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1267 states to 1267 states and 2159 transitions. [2025-03-03 14:21:28,110 INFO L78 Accepts]: Start accepts. Automaton has 1267 states and 2159 transitions. Word has length 117 [2025-03-03 14:21:28,110 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:28,110 INFO L471 AbstractCegarLoop]: Abstraction has 1267 states and 2159 transitions. [2025-03-03 14:21:28,110 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:28,110 INFO L276 IsEmpty]: Start isEmpty. Operand 1267 states and 2159 transitions. [2025-03-03 14:21:28,117 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2025-03-03 14:21:28,117 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:28,117 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:28,117 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-03 14:21:28,117 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:28,119 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:28,119 INFO L85 PathProgramCache]: Analyzing trace with hash 2052564074, now seen corresponding path program 1 times [2025-03-03 14:21:28,119 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:28,119 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1531407426] [2025-03-03 14:21:28,119 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:28,119 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:28,136 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-03 14:21:28,144 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-03 14:21:28,145 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:28,145 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:28,178 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:28,178 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:28,178 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1531407426] [2025-03-03 14:21:28,178 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1531407426] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:28,179 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:28,179 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:28,179 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [884365120] [2025-03-03 14:21:28,179 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:28,179 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:28,179 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:28,180 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:28,180 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:28,180 INFO L87 Difference]: Start difference. First operand 1267 states and 2159 transitions. Second operand has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:28,227 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:28,228 INFO L93 Difference]: Finished difference Result 3069 states and 5257 transitions. [2025-03-03 14:21:28,228 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:28,228 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 118 [2025-03-03 14:21:28,228 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:28,237 INFO L225 Difference]: With dead ends: 3069 [2025-03-03 14:21:28,238 INFO L226 Difference]: Without dead ends: 1919 [2025-03-03 14:21:28,241 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:28,242 INFO L435 NwaCegarLoop]: 572 mSDtfsCounter, 130 mSDsluCounter, 560 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 148 SdHoareTripleChecker+Valid, 1132 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:28,242 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [148 Valid, 1132 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:28,244 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1919 states. [2025-03-03 14:21:28,296 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1919 to 1911. [2025-03-03 14:21:28,299 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1911 states, 1537 states have (on average 1.6584255042290175) internal successors, (2549), 1545 states have internal predecessors, (2549), 348 states have call successors, (348), 21 states have call predecessors, (348), 25 states have return successors, (379), 346 states have call predecessors, (379), 347 states have call successors, (379) [2025-03-03 14:21:28,307 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1911 states to 1911 states and 3276 transitions. [2025-03-03 14:21:28,309 INFO L78 Accepts]: Start accepts. Automaton has 1911 states and 3276 transitions. Word has length 118 [2025-03-03 14:21:28,309 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:28,309 INFO L471 AbstractCegarLoop]: Abstraction has 1911 states and 3276 transitions. [2025-03-03 14:21:28,309 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:28,309 INFO L276 IsEmpty]: Start isEmpty. Operand 1911 states and 3276 transitions. [2025-03-03 14:21:28,317 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 120 [2025-03-03 14:21:28,317 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:28,317 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:28,317 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-03 14:21:28,317 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:28,318 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:28,318 INFO L85 PathProgramCache]: Analyzing trace with hash -1856289386, now seen corresponding path program 1 times [2025-03-03 14:21:28,318 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:28,318 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1167968993] [2025-03-03 14:21:28,318 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:28,318 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:28,334 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 119 statements into 1 equivalence classes. [2025-03-03 14:21:28,340 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 119 of 119 statements. [2025-03-03 14:21:28,341 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:28,341 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:28,369 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:28,370 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:28,370 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1167968993] [2025-03-03 14:21:28,370 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1167968993] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:28,370 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:28,370 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:28,370 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [863321870] [2025-03-03 14:21:28,370 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:28,370 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:28,371 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:28,371 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:28,371 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:28,371 INFO L87 Difference]: Start difference. First operand 1911 states and 3276 transitions. Second operand has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:28,431 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:28,431 INFO L93 Difference]: Finished difference Result 4581 states and 7907 transitions. [2025-03-03 14:21:28,431 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:28,432 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 119 [2025-03-03 14:21:28,432 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:28,445 INFO L225 Difference]: With dead ends: 4581 [2025-03-03 14:21:28,445 INFO L226 Difference]: Without dead ends: 2909 [2025-03-03 14:21:28,450 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:28,451 INFO L435 NwaCegarLoop]: 565 mSDtfsCounter, 128 mSDsluCounter, 556 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 1121 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:28,451 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 1121 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:28,453 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2909 states. [2025-03-03 14:21:28,539 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2909 to 2901. [2025-03-03 14:21:28,543 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2901 states, 2365 states have (on average 1.6651162790697673) internal successors, (3938), 2373 states have internal predecessors, (3938), 510 states have call successors, (510), 21 states have call predecessors, (510), 25 states have return successors, (557), 508 states have call predecessors, (557), 509 states have call successors, (557) [2025-03-03 14:21:28,557 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2901 states to 2901 states and 5005 transitions. [2025-03-03 14:21:28,558 INFO L78 Accepts]: Start accepts. Automaton has 2901 states and 5005 transitions. Word has length 119 [2025-03-03 14:21:28,559 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:28,559 INFO L471 AbstractCegarLoop]: Abstraction has 2901 states and 5005 transitions. [2025-03-03 14:21:28,559 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:28,559 INFO L276 IsEmpty]: Start isEmpty. Operand 2901 states and 5005 transitions. [2025-03-03 14:21:28,570 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 121 [2025-03-03 14:21:28,570 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:28,570 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:28,570 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:21:28,570 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:28,570 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:28,571 INFO L85 PathProgramCache]: Analyzing trace with hash -1900529813, now seen corresponding path program 1 times [2025-03-03 14:21:28,571 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:28,571 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1544355492] [2025-03-03 14:21:28,571 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:28,571 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:28,583 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 120 statements into 1 equivalence classes. [2025-03-03 14:21:28,590 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 120 of 120 statements. [2025-03-03 14:21:28,590 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:28,590 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:28,622 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:28,622 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:28,622 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1544355492] [2025-03-03 14:21:28,622 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1544355492] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:28,622 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:28,622 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:28,622 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [79102195] [2025-03-03 14:21:28,623 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:28,623 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:28,623 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:28,624 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:28,624 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:28,624 INFO L87 Difference]: Start difference. First operand 2901 states and 5005 transitions. Second operand has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:28,716 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:28,716 INFO L93 Difference]: Finished difference Result 6974 states and 12108 transitions. [2025-03-03 14:21:28,716 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:28,716 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 120 [2025-03-03 14:21:28,717 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:28,739 INFO L225 Difference]: With dead ends: 6974 [2025-03-03 14:21:28,739 INFO L226 Difference]: Without dead ends: 4512 [2025-03-03 14:21:28,749 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:28,750 INFO L435 NwaCegarLoop]: 565 mSDtfsCounter, 126 mSDsluCounter, 556 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1121 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:28,750 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1121 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:28,753 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4512 states. [2025-03-03 14:21:28,917 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4512 to 4504. [2025-03-03 14:21:28,924 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4504 states, 3723 states have (on average 1.6698898737577224) internal successors, (6217), 3731 states have internal predecessors, (6217), 755 states have call successors, (755), 21 states have call predecessors, (755), 25 states have return successors, (828), 753 states have call predecessors, (828), 754 states have call successors, (828) [2025-03-03 14:21:28,945 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4504 states to 4504 states and 7800 transitions. [2025-03-03 14:21:28,947 INFO L78 Accepts]: Start accepts. Automaton has 4504 states and 7800 transitions. Word has length 120 [2025-03-03 14:21:28,948 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:28,948 INFO L471 AbstractCegarLoop]: Abstraction has 4504 states and 7800 transitions. [2025-03-03 14:21:28,948 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:28,948 INFO L276 IsEmpty]: Start isEmpty. Operand 4504 states and 7800 transitions. [2025-03-03 14:21:28,962 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2025-03-03 14:21:28,963 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:28,963 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:28,963 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:21:28,963 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:28,963 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:28,963 INFO L85 PathProgramCache]: Analyzing trace with hash 349967701, now seen corresponding path program 1 times [2025-03-03 14:21:28,964 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:28,964 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [587139474] [2025-03-03 14:21:28,964 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:28,964 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:28,979 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 121 statements into 1 equivalence classes. [2025-03-03 14:21:28,985 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 121 of 121 statements. [2025-03-03 14:21:28,986 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:28,986 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:29,017 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:29,017 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:29,017 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [587139474] [2025-03-03 14:21:29,017 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [587139474] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:29,017 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:29,018 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:29,018 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [821744572] [2025-03-03 14:21:29,018 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:29,018 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:29,018 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:29,018 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:29,018 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:29,018 INFO L87 Difference]: Start difference. First operand 4504 states and 7800 transitions. Second operand has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:29,146 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:29,147 INFO L93 Difference]: Finished difference Result 10964 states and 19112 transitions. [2025-03-03 14:21:29,147 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:29,148 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 121 [2025-03-03 14:21:29,148 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:29,195 INFO L225 Difference]: With dead ends: 10964 [2025-03-03 14:21:29,198 INFO L226 Difference]: Without dead ends: 7206 [2025-03-03 14:21:29,214 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:29,215 INFO L435 NwaCegarLoop]: 584 mSDtfsCounter, 124 mSDsluCounter, 556 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1140 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:29,215 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1140 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:29,221 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 7206 states. [2025-03-03 14:21:29,471 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 7206 to 7198. [2025-03-03 14:21:29,484 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7198 states, 5924 states have (on average 1.6682984469952735) internal successors, (9883), 5932 states have internal predecessors, (9883), 1248 states have call successors, (1248), 21 states have call predecessors, (1248), 25 states have return successors, (1365), 1246 states have call predecessors, (1365), 1247 states have call successors, (1365) [2025-03-03 14:21:29,510 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7198 states to 7198 states and 12496 transitions. [2025-03-03 14:21:29,514 INFO L78 Accepts]: Start accepts. Automaton has 7198 states and 12496 transitions. Word has length 121 [2025-03-03 14:21:29,514 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:29,514 INFO L471 AbstractCegarLoop]: Abstraction has 7198 states and 12496 transitions. [2025-03-03 14:21:29,515 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:29,515 INFO L276 IsEmpty]: Start isEmpty. Operand 7198 states and 12496 transitions. [2025-03-03 14:21:29,532 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 123 [2025-03-03 14:21:29,533 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:29,533 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:29,533 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:21:29,533 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:29,533 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:29,533 INFO L85 PathProgramCache]: Analyzing trace with hash 1066098796, now seen corresponding path program 1 times [2025-03-03 14:21:29,533 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:29,534 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1211119598] [2025-03-03 14:21:29,534 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:29,534 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:29,545 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 122 statements into 1 equivalence classes. [2025-03-03 14:21:29,550 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 122 of 122 statements. [2025-03-03 14:21:29,550 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:29,550 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:29,573 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:29,573 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:29,573 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1211119598] [2025-03-03 14:21:29,573 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1211119598] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:29,573 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:29,573 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:29,573 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1896332787] [2025-03-03 14:21:29,573 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:29,573 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:29,574 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:29,574 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:29,574 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:29,574 INFO L87 Difference]: Start difference. First operand 7198 states and 12496 transitions. Second operand has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:29,900 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:29,901 INFO L93 Difference]: Finished difference Result 18194 states and 31780 transitions. [2025-03-03 14:21:29,901 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:29,901 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 122 [2025-03-03 14:21:29,902 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:29,950 INFO L225 Difference]: With dead ends: 18194 [2025-03-03 14:21:29,950 INFO L226 Difference]: Without dead ends: 12113 [2025-03-03 14:21:29,979 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:29,979 INFO L435 NwaCegarLoop]: 565 mSDtfsCounter, 122 mSDsluCounter, 559 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1124 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:29,980 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1124 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:21:29,990 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 12113 states. [2025-03-03 14:21:30,367 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 12113 to 12105. [2025-03-03 14:21:30,384 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12105 states, 10009 states have (on average 1.6685982615645918) internal successors, (16701), 10017 states have internal predecessors, (16701), 2070 states have call successors, (2070), 21 states have call predecessors, (2070), 25 states have return successors, (2265), 2068 states have call predecessors, (2265), 2069 states have call successors, (2265) [2025-03-03 14:21:30,423 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12105 states to 12105 states and 21036 transitions. [2025-03-03 14:21:30,429 INFO L78 Accepts]: Start accepts. Automaton has 12105 states and 21036 transitions. Word has length 122 [2025-03-03 14:21:30,429 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:30,429 INFO L471 AbstractCegarLoop]: Abstraction has 12105 states and 21036 transitions. [2025-03-03 14:21:30,429 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:30,429 INFO L276 IsEmpty]: Start isEmpty. Operand 12105 states and 21036 transitions. [2025-03-03 14:21:30,452 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2025-03-03 14:21:30,452 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:30,452 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:30,453 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:21:30,453 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:30,453 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:30,453 INFO L85 PathProgramCache]: Analyzing trace with hash -795836620, now seen corresponding path program 1 times [2025-03-03 14:21:30,453 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:30,453 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2060202017] [2025-03-03 14:21:30,453 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:30,453 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:30,465 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 123 statements into 1 equivalence classes. [2025-03-03 14:21:30,470 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 123 of 123 statements. [2025-03-03 14:21:30,471 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:30,471 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:30,494 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:30,495 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:30,495 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2060202017] [2025-03-03 14:21:30,495 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2060202017] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:30,495 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:30,495 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:30,495 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [573197964] [2025-03-03 14:21:30,495 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:30,495 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:30,495 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:30,496 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:30,496 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:30,496 INFO L87 Difference]: Start difference. First operand 12105 states and 21036 transitions. Second operand has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:30,873 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:30,874 INFO L93 Difference]: Finished difference Result 28950 states and 50262 transitions. [2025-03-03 14:21:30,874 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:30,874 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 123 [2025-03-03 14:21:30,874 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:30,936 INFO L225 Difference]: With dead ends: 28950 [2025-03-03 14:21:30,936 INFO L226 Difference]: Without dead ends: 18929 [2025-03-03 14:21:30,971 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:30,972 INFO L435 NwaCegarLoop]: 572 mSDtfsCounter, 120 mSDsluCounter, 532 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1104 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:30,972 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1104 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:30,988 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 18929 states. [2025-03-03 14:21:31,602 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 18929 to 18921. [2025-03-03 14:21:31,630 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 18921 states, 15622 states have (on average 1.6454999359877096) internal successors, (25706), 15630 states have internal predecessors, (25706), 3273 states have call successors, (3273), 21 states have call predecessors, (3273), 25 states have return successors, (3612), 3271 states have call predecessors, (3612), 3272 states have call successors, (3612) [2025-03-03 14:21:31,705 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18921 states to 18921 states and 32591 transitions. [2025-03-03 14:21:31,713 INFO L78 Accepts]: Start accepts. Automaton has 18921 states and 32591 transitions. Word has length 123 [2025-03-03 14:21:31,713 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:31,713 INFO L471 AbstractCegarLoop]: Abstraction has 18921 states and 32591 transitions. [2025-03-03 14:21:31,713 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:31,713 INFO L276 IsEmpty]: Start isEmpty. Operand 18921 states and 32591 transitions. [2025-03-03 14:21:31,739 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 125 [2025-03-03 14:21:31,740 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:31,740 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:31,740 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:21:31,740 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:31,741 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:31,741 INFO L85 PathProgramCache]: Analyzing trace with hash 1983251693, now seen corresponding path program 1 times [2025-03-03 14:21:31,741 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:31,741 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [311266268] [2025-03-03 14:21:31,741 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:31,742 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:31,758 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 124 statements into 1 equivalence classes. [2025-03-03 14:21:31,767 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 124 of 124 statements. [2025-03-03 14:21:31,767 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:31,768 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:31,805 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:31,805 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:31,805 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [311266268] [2025-03-03 14:21:31,805 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [311266268] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:31,805 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:31,805 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:31,805 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [509396481] [2025-03-03 14:21:31,805 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:31,806 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:31,806 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:31,807 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:31,807 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:31,807 INFO L87 Difference]: Start difference. First operand 18921 states and 32591 transitions. Second operand has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:32,685 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:32,686 INFO L93 Difference]: Finished difference Result 49987 states and 86447 transitions. [2025-03-03 14:21:32,686 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:32,686 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 124 [2025-03-03 14:21:32,687 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:32,792 INFO L225 Difference]: With dead ends: 49987 [2025-03-03 14:21:32,792 INFO L226 Difference]: Without dead ends: 33784 [2025-03-03 14:21:32,817 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:32,818 INFO L435 NwaCegarLoop]: 565 mSDtfsCounter, 118 mSDsluCounter, 559 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1124 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:32,818 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1124 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:32,844 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 33784 states. [2025-03-03 14:21:33,632 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 33784 to 33776. [2025-03-03 14:21:33,682 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 33776 states, 28027 states have (on average 1.6428087201627002) internal successors, (46043), 28035 states have internal predecessors, (46043), 5723 states have call successors, (5723), 21 states have call predecessors, (5723), 25 states have return successors, (6336), 5721 states have call predecessors, (6336), 5722 states have call successors, (6336) [2025-03-03 14:21:33,780 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 33776 states to 33776 states and 58102 transitions. [2025-03-03 14:21:33,794 INFO L78 Accepts]: Start accepts. Automaton has 33776 states and 58102 transitions. Word has length 124 [2025-03-03 14:21:33,794 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:33,794 INFO L471 AbstractCegarLoop]: Abstraction has 33776 states and 58102 transitions. [2025-03-03 14:21:33,794 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:33,794 INFO L276 IsEmpty]: Start isEmpty. Operand 33776 states and 58102 transitions. [2025-03-03 14:21:33,819 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 126 [2025-03-03 14:21:33,819 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:33,819 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:33,820 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:21:33,820 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:33,820 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:33,820 INFO L85 PathProgramCache]: Analyzing trace with hash 1281321011, now seen corresponding path program 1 times [2025-03-03 14:21:33,820 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:33,820 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [626008367] [2025-03-03 14:21:33,820 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:33,820 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:33,833 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 125 statements into 1 equivalence classes. [2025-03-03 14:21:33,839 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 125 of 125 statements. [2025-03-03 14:21:33,841 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:33,841 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:33,866 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:33,867 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:33,867 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [626008367] [2025-03-03 14:21:33,867 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [626008367] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:33,867 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:33,867 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:33,867 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1175372909] [2025-03-03 14:21:33,867 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:33,867 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:33,868 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:33,868 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:33,868 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:33,869 INFO L87 Difference]: Start difference. First operand 33776 states and 58102 transitions. Second operand has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:34,975 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:34,975 INFO L93 Difference]: Finished difference Result 92079 states and 158929 transitions. [2025-03-03 14:21:34,975 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:34,976 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 125 [2025-03-03 14:21:34,976 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:35,241 INFO L225 Difference]: With dead ends: 92079 [2025-03-03 14:21:35,242 INFO L226 Difference]: Without dead ends: 61928 [2025-03-03 14:21:35,329 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:35,332 INFO L435 NwaCegarLoop]: 577 mSDtfsCounter, 116 mSDsluCounter, 560 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1137 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:35,332 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1137 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:35,377 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 61928 states. [2025-03-03 14:21:37,153 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 61928 to 61920. [2025-03-03 14:21:37,238 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 61920 states, 51658 states have (on average 1.6390684889078169) internal successors, (84671), 51666 states have internal predecessors, (84671), 10236 states have call successors, (10236), 21 states have call predecessors, (10236), 25 states have return successors, (11381), 10234 states have call predecessors, (11381), 10235 states have call successors, (11381) [2025-03-03 14:21:37,415 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61920 states to 61920 states and 106288 transitions. [2025-03-03 14:21:37,443 INFO L78 Accepts]: Start accepts. Automaton has 61920 states and 106288 transitions. Word has length 125 [2025-03-03 14:21:37,444 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:37,444 INFO L471 AbstractCegarLoop]: Abstraction has 61920 states and 106288 transitions. [2025-03-03 14:21:37,444 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:37,444 INFO L276 IsEmpty]: Start isEmpty. Operand 61920 states and 106288 transitions. [2025-03-03 14:21:37,467 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 127 [2025-03-03 14:21:37,467 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:37,468 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:37,468 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:21:37,468 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:37,468 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:37,468 INFO L85 PathProgramCache]: Analyzing trace with hash -1214119410, now seen corresponding path program 1 times [2025-03-03 14:21:37,468 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:37,469 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [881162937] [2025-03-03 14:21:37,469 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:37,469 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:37,481 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 126 statements into 1 equivalence classes. [2025-03-03 14:21:37,489 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 126 of 126 statements. [2025-03-03 14:21:37,489 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:37,489 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:37,515 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:37,515 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:37,515 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [881162937] [2025-03-03 14:21:37,515 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [881162937] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:37,515 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:37,516 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:37,516 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1451982976] [2025-03-03 14:21:37,516 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:37,516 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:37,516 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:37,517 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:37,517 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:37,517 INFO L87 Difference]: Start difference. First operand 61920 states and 106288 transitions. Second operand has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:39,744 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:39,744 INFO L93 Difference]: Finished difference Result 115945 states and 199484 transitions. [2025-03-03 14:21:39,744 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:39,745 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 126 [2025-03-03 14:21:39,745 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:40,172 INFO L225 Difference]: With dead ends: 115945 [2025-03-03 14:21:40,173 INFO L226 Difference]: Without dead ends: 115768 [2025-03-03 14:21:40,217 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:40,217 INFO L435 NwaCegarLoop]: 574 mSDtfsCounter, 111 mSDsluCounter, 564 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1138 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:40,218 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1138 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:40,295 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 115768 states. [2025-03-03 14:21:42,869 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 115768 to 115760. [2025-03-03 14:21:43,015 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 115760 states, 97130 states have (on average 1.6341912900236797) internal successors, (158729), 97138 states have internal predecessors, (158729), 18604 states have call successors, (18604), 21 states have call predecessors, (18604), 25 states have return successors, (20795), 18602 states have call predecessors, (20795), 18603 states have call successors, (20795) [2025-03-03 14:21:43,484 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 115760 states to 115760 states and 198128 transitions. [2025-03-03 14:21:43,517 INFO L78 Accepts]: Start accepts. Automaton has 115760 states and 198128 transitions. Word has length 126 [2025-03-03 14:21:43,517 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:43,517 INFO L471 AbstractCegarLoop]: Abstraction has 115760 states and 198128 transitions. [2025-03-03 14:21:43,517 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:21:43,518 INFO L276 IsEmpty]: Start isEmpty. Operand 115760 states and 198128 transitions. [2025-03-03 14:21:43,555 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 128 [2025-03-03 14:21:43,555 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:43,555 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:43,555 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-03 14:21:43,555 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:43,556 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:43,556 INFO L85 PathProgramCache]: Analyzing trace with hash -1822017294, now seen corresponding path program 1 times [2025-03-03 14:21:43,556 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:43,556 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2033942333] [2025-03-03 14:21:43,556 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:43,556 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:43,573 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-03-03 14:21:43,581 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-03-03 14:21:43,582 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:43,582 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:43,854 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:43,855 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:43,855 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2033942333] [2025-03-03 14:21:43,855 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2033942333] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:43,855 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:43,855 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12] imperfect sequences [] total 12 [2025-03-03 14:21:43,855 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2007295098] [2025-03-03 14:21:43,855 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:43,856 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2025-03-03 14:21:43,856 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:43,857 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2025-03-03 14:21:43,857 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=111, Unknown=0, NotChecked=0, Total=132 [2025-03-03 14:21:43,857 INFO L87 Difference]: Start difference. First operand 115760 states and 198128 transitions. Second operand has 12 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 5 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (12), 6 states have call predecessors, (12), 5 states have call successors, (12) [2025-03-03 14:21:49,120 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:49,120 INFO L93 Difference]: Finished difference Result 230640 states and 400232 transitions. [2025-03-03 14:21:49,120 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2025-03-03 14:21:49,121 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 5 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (12), 6 states have call predecessors, (12), 5 states have call successors, (12) Word has length 127 [2025-03-03 14:21:49,121 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:50,129 INFO L225 Difference]: With dead ends: 230640 [2025-03-03 14:21:50,130 INFO L226 Difference]: Without dead ends: 230469 [2025-03-03 14:21:50,229 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 69 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=125, Invalid=525, Unknown=0, NotChecked=0, Total=650 [2025-03-03 14:21:50,230 INFO L435 NwaCegarLoop]: 689 mSDtfsCounter, 1410 mSDsluCounter, 5815 mSDsCounter, 0 mSdLazyCounter, 1111 mSolverCounterSat, 394 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1410 SdHoareTripleChecker+Valid, 6504 SdHoareTripleChecker+Invalid, 1505 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 394 IncrementalHoareTripleChecker+Valid, 1111 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.2s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:50,230 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1410 Valid, 6504 Invalid, 1505 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [394 Valid, 1111 Invalid, 0 Unknown, 0 Unchecked, 1.2s Time] [2025-03-03 14:21:50,373 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 230469 states. [2025-03-03 14:21:56,633 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 230469 to 230434. [2025-03-03 14:21:56,891 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 230434 states, 193416 states have (on average 1.6348027050502543) internal successors, (316197), 193321 states have internal predecessors, (316197), 36957 states have call successors, (36957), 54 states have call predecessors, (36957), 60 states have return successors, (44619), 37064 states have call predecessors, (44619), 36954 states have call successors, (44619) [2025-03-03 14:21:57,640 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 230434 states to 230434 states and 397773 transitions. [2025-03-03 14:21:57,704 INFO L78 Accepts]: Start accepts. Automaton has 230434 states and 397773 transitions. Word has length 127 [2025-03-03 14:21:57,704 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:57,704 INFO L471 AbstractCegarLoop]: Abstraction has 230434 states and 397773 transitions. [2025-03-03 14:21:57,704 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 5 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (12), 6 states have call predecessors, (12), 5 states have call successors, (12) [2025-03-03 14:21:57,705 INFO L276 IsEmpty]: Start isEmpty. Operand 230434 states and 397773 transitions. [2025-03-03 14:21:57,766 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 129 [2025-03-03 14:21:57,766 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:57,766 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:57,766 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable21 [2025-03-03 14:21:57,767 INFO L396 AbstractCegarLoop]: === Iteration 23 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:57,767 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:57,767 INFO L85 PathProgramCache]: Analyzing trace with hash 40141684, now seen corresponding path program 1 times [2025-03-03 14:21:57,767 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:57,767 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1714323775] [2025-03-03 14:21:57,767 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:57,767 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:57,780 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 128 statements into 1 equivalence classes. [2025-03-03 14:21:57,789 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 128 of 128 statements. [2025-03-03 14:21:57,790 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:57,790 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:57,844 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:57,845 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:57,845 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1714323775] [2025-03-03 14:21:57,845 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1714323775] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:57,845 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:57,845 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-03 14:21:57,845 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2093399378] [2025-03-03 14:21:57,845 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:57,846 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-03 14:21:57,846 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:57,846 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-03 14:21:57,846 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:21:57,846 INFO L87 Difference]: Start difference. First operand 230434 states and 397773 transitions. Second operand has 4 states, 4 states have (on average 22.0) internal successors, (88), 4 states have internal predecessors, (88), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12)