./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec6_product29.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec6_product29.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 3d972cfbd720871733ec5c68c499418657e5e73014fcfa137b0a1c37f3300ef7 --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:25:13,432 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:25:13,484 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:25:13,487 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:25:13,487 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:25:13,506 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:25:13,507 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:25:13,507 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:25:13,507 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:25:13,508 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:25:13,508 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:25:13,508 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:25:13,509 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:25:13,509 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:25:13,509 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:25:13,509 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:25:13,509 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:25:13,509 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:25:13,509 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:25:13,510 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:25:13,510 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:25:13,510 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:25:13,510 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:25:13,510 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:25:13,510 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:25:13,510 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:25:13,510 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:25:13,510 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:25:13,510 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:25:13,510 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:25:13,511 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:25:13,511 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:25:13,511 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:25:13,511 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:25:13,511 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:25:13,511 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:25:13,511 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:25:13,511 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:25:13,511 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:25:13,511 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:25:13,511 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:25:13,512 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:25:13,512 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:25:13,512 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 3d972cfbd720871733ec5c68c499418657e5e73014fcfa137b0a1c37f3300ef7 [2025-03-03 14:25:13,725 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:25:13,731 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:25:13,734 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:25:13,735 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:25:13,735 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:25:13,736 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec6_product29.cil.c [2025-03-03 14:25:14,906 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/8d3ca7b01/32bba46b6bfd4571ae9ee844f83d2840/FLAG97d70dd56 [2025-03-03 14:25:15,259 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:25:15,259 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec6_product29.cil.c [2025-03-03 14:25:15,276 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/8d3ca7b01/32bba46b6bfd4571ae9ee844f83d2840/FLAG97d70dd56 [2025-03-03 14:25:15,488 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/8d3ca7b01/32bba46b6bfd4571ae9ee844f83d2840 [2025-03-03 14:25:15,491 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:25:15,492 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:25:15,493 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:25:15,493 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:25:15,497 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:25:15,498 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:25:15" (1/1) ... [2025-03-03 14:25:15,498 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@466b37dc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:15, skipping insertion in model container [2025-03-03 14:25:15,498 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:25:15" (1/1) ... [2025-03-03 14:25:15,537 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:25:15,847 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec6_product29.cil.c[42927,42940] [2025-03-03 14:25:15,934 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:25:15,951 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:25:15,958 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [48] [2025-03-03 14:25:15,960 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [368] [2025-03-03 14:25:15,960 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EncryptDecrypt_spec.i","") [734] [2025-03-03 14:25:15,960 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [785] [2025-03-03 14:25:15,960 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1854] [2025-03-03 14:25:15,961 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [1863] [2025-03-03 14:25:15,961 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [2079] [2025-03-03 14:25:15,961 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [2096] [2025-03-03 14:25:15,961 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [2131] [2025-03-03 14:25:15,961 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [2277] [2025-03-03 14:25:15,961 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [2679] [2025-03-03 14:25:16,007 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec6_product29.cil.c[42927,42940] [2025-03-03 14:25:16,039 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:25:16,080 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:25:16,081 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16 WrapperNode [2025-03-03 14:25:16,082 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:25:16,082 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:25:16,083 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:25:16,083 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:25:16,088 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,117 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,185 INFO L138 Inliner]: procedures = 132, calls = 216, calls flagged for inlining = 56, calls inlined = 48, statements flattened = 947 [2025-03-03 14:25:16,189 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:25:16,190 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:25:16,193 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:25:16,193 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:25:16,202 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,203 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,212 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,236 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:25:16,236 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,237 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,259 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,265 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,268 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,277 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,288 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:25:16,289 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:25:16,291 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:25:16,291 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:25:16,292 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (1/1) ... [2025-03-03 14:25:16,296 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:25:16,308 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:16,321 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:25:16,324 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:25:16,345 INFO L130 BoogieDeclarations]: Found specification of procedure getClientPrivateKey [2025-03-03 14:25:16,346 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientPrivateKey [2025-03-03 14:25:16,346 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:25:16,346 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:25:16,346 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:25:16,346 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:25:16,346 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:25:16,346 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:25:16,346 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:25:16,346 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:25:16,347 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:25:16,347 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:25:16,347 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:25:16,347 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:25:16,347 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2025-03-03 14:25:16,347 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2025-03-03 14:25:16,347 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:25:16,347 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:25:16,347 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:25:16,347 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailSignKey [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailSignKey [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure isSigned [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure isSigned [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure isKeyPairValid [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure isKeyPairValid [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure findPublicKey [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure findPublicKey [2025-03-03 14:25:16,348 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:25:16,348 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:25:16,350 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:25:16,350 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:25:16,350 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:25:16,350 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:25:16,350 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:25:16,350 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:25:16,350 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:25:16,350 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:25:16,350 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:25:16,350 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:25:16,350 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:25:16,350 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:25:16,350 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:25:16,350 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:25:16,350 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:25:16,350 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:25:16,530 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:25:16,532 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:25:16,626 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2586: #res := ~retValue_acc~36; [2025-03-03 14:25:16,636 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2957: #res := ~retValue_acc~43; [2025-03-03 14:25:16,681 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1488: #res#1 := ~retValue_acc~15#1; [2025-03-03 14:25:16,681 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1443-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~14#1; [2025-03-03 14:25:16,839 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1831-1: getClientId_#res#1 := getClientId_~retValue_acc~20#1; [2025-03-03 14:25:16,862 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1712: #res := ~retValue_acc~18; [2025-03-03 14:25:16,872 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1396: #res := ~retValue_acc~13; [2025-03-03 14:25:16,880 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2274-1: createEmail_#res#1 := createEmail_~retValue_acc~27#1; [2025-03-03 14:25:16,892 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L940: #res := ~retValue_acc~7; [2025-03-03 14:25:16,912 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2512: #res := ~retValue_acc~34; [2025-03-03 14:25:16,950 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2549: #res := ~retValue_acc~35; [2025-03-03 14:25:16,958 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2623: #res := ~retValue_acc~37; [2025-03-03 14:25:16,992 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2397: #res := ~retValue_acc~31; [2025-03-03 14:25:17,049 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1266: #res := ~retValue_acc~11; [2025-03-03 14:25:17,316 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2128-1: valid_product_#res#1 := valid_product_~retValue_acc~23#1; [2025-03-03 14:25:17,317 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1658-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~17#1; [2025-03-03 14:25:17,317 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1551-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~16#1; [2025-03-03 14:25:17,317 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2914-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~40#1; [2025-03-03 14:25:17,318 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2923-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~41#1; [2025-03-03 14:25:17,318 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2932-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~42#1; [2025-03-03 14:25:17,323 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2360: #res := ~retValue_acc~30; [2025-03-03 14:25:17,337 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2250: #res#1 := ~retValue_acc~25#1; [2025-03-03 14:25:17,337 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2230-1: isReadable__wrappee__Keys_#res#1 := isReadable__wrappee__Keys_~retValue_acc~24#1; [2025-03-03 14:25:17,457 INFO L? ?]: Removed 507 outVars from TransFormulas that were not future-live. [2025-03-03 14:25:17,457 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:25:17,491 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:25:17,491 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:25:17,491 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:25:17 BoogieIcfgContainer [2025-03-03 14:25:17,491 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:25:17,493 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:25:17,493 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:25:17,496 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:25:17,496 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:25:15" (1/3) ... [2025-03-03 14:25:17,496 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7ed403fd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:25:17, skipping insertion in model container [2025-03-03 14:25:17,496 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:16" (2/3) ... [2025-03-03 14:25:17,496 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7ed403fd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:25:17, skipping insertion in model container [2025-03-03 14:25:17,497 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:25:17" (3/3) ... [2025-03-03 14:25:17,498 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec6_product29.cil.c [2025-03-03 14:25:17,507 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:25:17,509 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec6_product29.cil.c that has 29 procedures, 412 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:25:17,561 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:25:17,570 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@60721103, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:25:17,570 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:25:17,573 INFO L276 IsEmpty]: Start isEmpty. Operand has 412 states, 317 states have (on average 1.5488958990536277) internal successors, (491), 322 states have internal predecessors, (491), 65 states have call successors, (65), 28 states have call predecessors, (65), 28 states have return successors, (65), 64 states have call predecessors, (65), 65 states have call successors, (65) [2025-03-03 14:25:17,589 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 136 [2025-03-03 14:25:17,589 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:17,589 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:17,590 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:17,593 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:17,593 INFO L85 PathProgramCache]: Analyzing trace with hash -787728116, now seen corresponding path program 1 times [2025-03-03 14:25:17,598 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:17,598 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [479780160] [2025-03-03 14:25:17,598 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:17,599 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:17,677 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 135 statements into 1 equivalence classes. [2025-03-03 14:25:17,731 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 135 of 135 statements. [2025-03-03 14:25:17,731 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:17,731 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:18,173 INFO L134 CoverageAnalysis]: Checked inductivity of 36 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:25:18,174 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:18,174 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [479780160] [2025-03-03 14:25:18,175 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [479780160] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:18,175 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1866943557] [2025-03-03 14:25:18,175 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:18,175 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:18,175 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:18,177 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:18,179 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:25:18,325 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 135 statements into 1 equivalence classes. [2025-03-03 14:25:18,453 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 135 of 135 statements. [2025-03-03 14:25:18,453 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:18,454 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:18,461 INFO L256 TraceCheckSpWp]: Trace formula consists of 1176 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:25:18,467 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:18,482 INFO L134 CoverageAnalysis]: Checked inductivity of 36 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2025-03-03 14:25:18,483 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:25:18,483 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1866943557] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:18,483 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:25:18,483 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:25:18,485 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [532924534] [2025-03-03 14:25:18,485 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:18,488 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:25:18,488 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:18,506 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:25:18,506 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:18,509 INFO L87 Difference]: Start difference. First operand has 412 states, 317 states have (on average 1.5488958990536277) internal successors, (491), 322 states have internal predecessors, (491), 65 states have call successors, (65), 28 states have call predecessors, (65), 28 states have return successors, (65), 64 states have call predecessors, (65), 65 states have call successors, (65) Second operand has 2 states, 2 states have (on average 37.5) internal successors, (75), 2 states have internal predecessors, (75), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:18,580 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:18,581 INFO L93 Difference]: Finished difference Result 637 states and 942 transitions. [2025-03-03 14:25:18,581 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:25:18,582 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 37.5) internal successors, (75), 2 states have internal predecessors, (75), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 135 [2025-03-03 14:25:18,583 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:18,595 INFO L225 Difference]: With dead ends: 637 [2025-03-03 14:25:18,598 INFO L226 Difference]: Without dead ends: 405 [2025-03-03 14:25:18,604 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 136 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:18,606 INFO L435 NwaCegarLoop]: 618 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 618 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:18,608 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 618 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:18,620 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 405 states. [2025-03-03 14:25:18,654 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 405 to 405. [2025-03-03 14:25:18,656 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 405 states, 311 states have (on average 1.5466237942122187) internal successors, (481), 315 states have internal predecessors, (481), 65 states have call successors, (65), 28 states have call predecessors, (65), 28 states have return successors, (64), 63 states have call predecessors, (64), 64 states have call successors, (64) [2025-03-03 14:25:18,660 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 405 states to 405 states and 610 transitions. [2025-03-03 14:25:18,662 INFO L78 Accepts]: Start accepts. Automaton has 405 states and 610 transitions. Word has length 135 [2025-03-03 14:25:18,664 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:18,664 INFO L471 AbstractCegarLoop]: Abstraction has 405 states and 610 transitions. [2025-03-03 14:25:18,664 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 37.5) internal successors, (75), 2 states have internal predecessors, (75), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:18,664 INFO L276 IsEmpty]: Start isEmpty. Operand 405 states and 610 transitions. [2025-03-03 14:25:18,671 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 137 [2025-03-03 14:25:18,671 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:18,672 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:18,681 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-03 14:25:18,872 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:25:18,873 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:18,873 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:18,873 INFO L85 PathProgramCache]: Analyzing trace with hash -32565578, now seen corresponding path program 1 times [2025-03-03 14:25:18,873 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:18,874 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [783339614] [2025-03-03 14:25:18,874 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:18,874 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:18,902 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 136 statements into 1 equivalence classes. [2025-03-03 14:25:18,914 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 136 of 136 statements. [2025-03-03 14:25:18,915 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:18,915 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:19,170 INFO L134 CoverageAnalysis]: Checked inductivity of 36 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:25:19,170 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:19,170 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [783339614] [2025-03-03 14:25:19,170 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [783339614] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:19,170 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1485944206] [2025-03-03 14:25:19,171 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:19,171 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:19,171 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:19,174 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:19,176 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:25:19,329 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 136 statements into 1 equivalence classes. [2025-03-03 14:25:19,463 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 136 of 136 statements. [2025-03-03 14:25:19,464 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:19,464 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:19,469 INFO L256 TraceCheckSpWp]: Trace formula consists of 1177 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:25:19,476 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:19,501 INFO L134 CoverageAnalysis]: Checked inductivity of 36 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2025-03-03 14:25:19,502 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:25:19,502 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1485944206] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:19,502 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:25:19,502 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:25:19,502 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [692943357] [2025-03-03 14:25:19,502 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:19,503 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:19,503 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:19,504 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:19,504 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:25:19,504 INFO L87 Difference]: Start difference. First operand 405 states and 610 transitions. Second operand has 3 states, 3 states have (on average 25.333333333333332) internal successors, (76), 3 states have internal predecessors, (76), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:19,534 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:19,534 INFO L93 Difference]: Finished difference Result 626 states and 920 transitions. [2025-03-03 14:25:19,535 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:19,535 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 25.333333333333332) internal successors, (76), 3 states have internal predecessors, (76), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 136 [2025-03-03 14:25:19,535 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:19,539 INFO L225 Difference]: With dead ends: 626 [2025-03-03 14:25:19,539 INFO L226 Difference]: Without dead ends: 407 [2025-03-03 14:25:19,540 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 140 GetRequests, 136 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:25:19,541 INFO L435 NwaCegarLoop]: 609 mSDtfsCounter, 0 mSDsluCounter, 607 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1216 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:19,541 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1216 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:19,544 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 407 states. [2025-03-03 14:25:19,573 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 407 to 407. [2025-03-03 14:25:19,577 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 407 states, 313 states have (on average 1.5431309904153354) internal successors, (483), 317 states have internal predecessors, (483), 65 states have call successors, (65), 28 states have call predecessors, (65), 28 states have return successors, (64), 63 states have call predecessors, (64), 64 states have call successors, (64) [2025-03-03 14:25:19,580 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 407 states to 407 states and 612 transitions. [2025-03-03 14:25:19,581 INFO L78 Accepts]: Start accepts. Automaton has 407 states and 612 transitions. Word has length 136 [2025-03-03 14:25:19,581 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:19,581 INFO L471 AbstractCegarLoop]: Abstraction has 407 states and 612 transitions. [2025-03-03 14:25:19,582 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 25.333333333333332) internal successors, (76), 3 states have internal predecessors, (76), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:19,582 INFO L276 IsEmpty]: Start isEmpty. Operand 407 states and 612 transitions. [2025-03-03 14:25:19,584 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 142 [2025-03-03 14:25:19,584 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:19,585 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:19,593 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-03-03 14:25:19,788 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:25:19,788 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:19,789 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:19,789 INFO L85 PathProgramCache]: Analyzing trace with hash -1147399849, now seen corresponding path program 1 times [2025-03-03 14:25:19,789 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:19,789 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [183894684] [2025-03-03 14:25:19,789 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:19,789 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:19,816 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 141 statements into 1 equivalence classes. [2025-03-03 14:25:19,827 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 141 of 141 statements. [2025-03-03 14:25:19,828 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:19,828 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:20,038 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-03 14:25:20,038 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:20,038 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [183894684] [2025-03-03 14:25:20,038 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [183894684] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:20,038 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [182704354] [2025-03-03 14:25:20,038 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:20,038 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:20,038 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:20,041 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:20,042 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:25:20,175 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 141 statements into 1 equivalence classes. [2025-03-03 14:25:20,288 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 141 of 141 statements. [2025-03-03 14:25:20,288 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:20,288 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:20,292 INFO L256 TraceCheckSpWp]: Trace formula consists of 1189 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:25:20,297 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:20,317 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2025-03-03 14:25:20,317 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:25:20,317 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [182704354] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:20,318 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:25:20,318 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:25:20,318 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1201379202] [2025-03-03 14:25:20,318 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:20,318 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:20,318 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:20,319 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:20,319 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:25:20,319 INFO L87 Difference]: Start difference. First operand 407 states and 612 transitions. Second operand has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:20,355 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:20,359 INFO L93 Difference]: Finished difference Result 856 states and 1307 transitions. [2025-03-03 14:25:20,359 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:20,359 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 141 [2025-03-03 14:25:20,360 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:20,362 INFO L225 Difference]: With dead ends: 856 [2025-03-03 14:25:20,362 INFO L226 Difference]: Without dead ends: 476 [2025-03-03 14:25:20,367 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 145 GetRequests, 141 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:25:20,368 INFO L435 NwaCegarLoop]: 630 mSDtfsCounter, 126 mSDsluCounter, 565 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1195 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:20,368 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1195 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:20,371 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 476 states. [2025-03-03 14:25:20,390 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 476 to 468. [2025-03-03 14:25:20,391 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 468 states, 360 states have (on average 1.5638888888888889) internal successors, (563), 364 states have internal predecessors, (563), 79 states have call successors, (79), 28 states have call predecessors, (79), 28 states have return successors, (78), 77 states have call predecessors, (78), 78 states have call successors, (78) [2025-03-03 14:25:20,396 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 468 states to 468 states and 720 transitions. [2025-03-03 14:25:20,396 INFO L78 Accepts]: Start accepts. Automaton has 468 states and 720 transitions. Word has length 141 [2025-03-03 14:25:20,397 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:20,397 INFO L471 AbstractCegarLoop]: Abstraction has 468 states and 720 transitions. [2025-03-03 14:25:20,397 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:20,397 INFO L276 IsEmpty]: Start isEmpty. Operand 468 states and 720 transitions. [2025-03-03 14:25:20,400 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 162 [2025-03-03 14:25:20,400 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:20,401 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:20,409 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2025-03-03 14:25:20,601 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:20,601 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:20,602 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:20,602 INFO L85 PathProgramCache]: Analyzing trace with hash 2068863892, now seen corresponding path program 1 times [2025-03-03 14:25:20,602 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:20,602 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [990170044] [2025-03-03 14:25:20,602 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:20,602 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:20,625 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 161 statements into 1 equivalence classes. [2025-03-03 14:25:20,631 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 161 of 161 statements. [2025-03-03 14:25:20,631 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:20,631 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:20,778 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 44 trivial. 0 not checked. [2025-03-03 14:25:20,778 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:20,778 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [990170044] [2025-03-03 14:25:20,778 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [990170044] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:20,778 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1268666587] [2025-03-03 14:25:20,778 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:20,778 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:20,779 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:20,780 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:20,783 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:25:20,922 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 161 statements into 1 equivalence classes. [2025-03-03 14:25:21,039 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 161 of 161 statements. [2025-03-03 14:25:21,039 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:21,039 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:21,043 INFO L256 TraceCheckSpWp]: Trace formula consists of 1272 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:25:21,047 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:21,121 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2025-03-03 14:25:21,122 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:25:21,122 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1268666587] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:21,122 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:25:21,122 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:25:21,122 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1044008432] [2025-03-03 14:25:21,122 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:21,122 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:25:21,122 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:21,123 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:25:21,123 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:25:21,123 INFO L87 Difference]: Start difference. First operand 468 states and 720 transitions. Second operand has 5 states, 4 states have (on average 24.25) internal successors, (97), 5 states have internal predecessors, (97), 3 states have call successors, (24), 2 states have call predecessors, (24), 3 states have return successors, (21), 2 states have call predecessors, (21), 3 states have call successors, (21) [2025-03-03 14:25:21,176 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:21,176 INFO L93 Difference]: Finished difference Result 927 states and 1430 transitions. [2025-03-03 14:25:21,178 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:25:21,178 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 24.25) internal successors, (97), 5 states have internal predecessors, (97), 3 states have call successors, (24), 2 states have call predecessors, (24), 3 states have return successors, (21), 2 states have call predecessors, (21), 3 states have call successors, (21) Word has length 161 [2025-03-03 14:25:21,179 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:21,182 INFO L225 Difference]: With dead ends: 927 [2025-03-03 14:25:21,182 INFO L226 Difference]: Without dead ends: 470 [2025-03-03 14:25:21,185 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 165 GetRequests, 159 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:25:21,185 INFO L435 NwaCegarLoop]: 602 mSDtfsCounter, 2 mSDsluCounter, 1795 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2397 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:21,187 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2397 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:21,189 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 470 states. [2025-03-03 14:25:21,207 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 470 to 470. [2025-03-03 14:25:21,208 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 470 states, 361 states have (on average 1.5623268698060941) internal successors, (564), 366 states have internal predecessors, (564), 79 states have call successors, (79), 28 states have call predecessors, (79), 29 states have return successors, (80), 77 states have call predecessors, (80), 78 states have call successors, (80) [2025-03-03 14:25:21,210 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 470 states to 470 states and 723 transitions. [2025-03-03 14:25:21,211 INFO L78 Accepts]: Start accepts. Automaton has 470 states and 723 transitions. Word has length 161 [2025-03-03 14:25:21,211 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:21,211 INFO L471 AbstractCegarLoop]: Abstraction has 470 states and 723 transitions. [2025-03-03 14:25:21,211 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 24.25) internal successors, (97), 5 states have internal predecessors, (97), 3 states have call successors, (24), 2 states have call predecessors, (24), 3 states have return successors, (21), 2 states have call predecessors, (21), 3 states have call successors, (21) [2025-03-03 14:25:21,211 INFO L276 IsEmpty]: Start isEmpty. Operand 470 states and 723 transitions. [2025-03-03 14:25:21,213 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 144 [2025-03-03 14:25:21,213 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:21,213 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:21,224 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2025-03-03 14:25:21,414 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:21,415 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:21,415 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:21,415 INFO L85 PathProgramCache]: Analyzing trace with hash 2009827653, now seen corresponding path program 1 times [2025-03-03 14:25:21,415 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:21,415 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1824569106] [2025-03-03 14:25:21,416 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:21,416 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:21,436 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 143 statements into 1 equivalence classes. [2025-03-03 14:25:21,441 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 143 of 143 statements. [2025-03-03 14:25:21,441 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:21,441 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:21,560 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2025-03-03 14:25:21,560 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:21,560 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1824569106] [2025-03-03 14:25:21,560 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1824569106] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:21,560 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1687963267] [2025-03-03 14:25:21,561 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:21,561 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:21,561 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:21,563 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:21,565 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:25:21,698 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 143 statements into 1 equivalence classes. [2025-03-03 14:25:21,804 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 143 of 143 statements. [2025-03-03 14:25:21,804 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:21,804 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:21,808 INFO L256 TraceCheckSpWp]: Trace formula consists of 1195 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:25:21,813 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:21,858 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2025-03-03 14:25:21,858 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:25:21,858 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1687963267] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:21,858 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:25:21,858 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:25:21,859 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [921969289] [2025-03-03 14:25:21,859 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:21,859 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:25:21,859 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:21,859 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:25:21,860 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:25:21,860 INFO L87 Difference]: Start difference. First operand 470 states and 723 transitions. Second operand has 5 states, 5 states have (on average 18.4) internal successors, (92), 5 states have internal predecessors, (92), 3 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:21,939 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:21,939 INFO L93 Difference]: Finished difference Result 929 states and 1435 transitions. [2025-03-03 14:25:21,940 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:25:21,940 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 18.4) internal successors, (92), 5 states have internal predecessors, (92), 3 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 143 [2025-03-03 14:25:21,940 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:21,944 INFO L225 Difference]: With dead ends: 929 [2025-03-03 14:25:21,944 INFO L226 Difference]: Without dead ends: 472 [2025-03-03 14:25:21,946 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 150 GetRequests, 141 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:25:21,947 INFO L435 NwaCegarLoop]: 600 mSDtfsCounter, 2 mSDsluCounter, 1783 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2383 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:21,948 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2383 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:21,949 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 472 states. [2025-03-03 14:25:21,964 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 472 to 472. [2025-03-03 14:25:21,965 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 472 states, 362 states have (on average 1.5607734806629834) internal successors, (565), 368 states have internal predecessors, (565), 79 states have call successors, (79), 28 states have call predecessors, (79), 30 states have return successors, (85), 77 states have call predecessors, (85), 78 states have call successors, (85) [2025-03-03 14:25:21,967 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 472 states to 472 states and 729 transitions. [2025-03-03 14:25:21,968 INFO L78 Accepts]: Start accepts. Automaton has 472 states and 729 transitions. Word has length 143 [2025-03-03 14:25:21,968 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:21,968 INFO L471 AbstractCegarLoop]: Abstraction has 472 states and 729 transitions. [2025-03-03 14:25:21,969 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 18.4) internal successors, (92), 5 states have internal predecessors, (92), 3 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:21,969 INFO L276 IsEmpty]: Start isEmpty. Operand 472 states and 729 transitions. [2025-03-03 14:25:21,971 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 145 [2025-03-03 14:25:21,971 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:21,971 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:21,979 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2025-03-03 14:25:22,171 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:22,172 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:22,172 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:22,172 INFO L85 PathProgramCache]: Analyzing trace with hash 1741749174, now seen corresponding path program 1 times [2025-03-03 14:25:22,172 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:22,172 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [557174455] [2025-03-03 14:25:22,172 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:22,173 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:22,202 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 144 statements into 1 equivalence classes. [2025-03-03 14:25:22,211 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 144 of 144 statements. [2025-03-03 14:25:22,211 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:22,211 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:22,323 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-03 14:25:22,323 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:22,323 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [557174455] [2025-03-03 14:25:22,323 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [557174455] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:22,323 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:22,323 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:25:22,323 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1409877999] [2025-03-03 14:25:22,324 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:22,324 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:25:22,324 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:22,325 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:25:22,325 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:22,325 INFO L87 Difference]: Start difference. First operand 472 states and 729 transitions. Second operand has 5 states, 4 states have (on average 22.0) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:22,365 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:22,365 INFO L93 Difference]: Finished difference Result 921 states and 1426 transitions. [2025-03-03 14:25:22,365 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:25:22,366 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 22.0) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) Word has length 144 [2025-03-03 14:25:22,366 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:22,369 INFO L225 Difference]: With dead ends: 921 [2025-03-03 14:25:22,369 INFO L226 Difference]: Without dead ends: 472 [2025-03-03 14:25:22,371 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:22,371 INFO L435 NwaCegarLoop]: 603 mSDtfsCounter, 2 mSDsluCounter, 1798 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2401 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:22,371 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2401 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:22,375 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 472 states. [2025-03-03 14:25:22,395 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 472 to 472. [2025-03-03 14:25:22,396 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 472 states, 362 states have (on average 1.5607734806629834) internal successors, (565), 368 states have internal predecessors, (565), 79 states have call successors, (79), 28 states have call predecessors, (79), 30 states have return successors, (84), 77 states have call predecessors, (84), 78 states have call successors, (84) [2025-03-03 14:25:22,403 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 472 states to 472 states and 728 transitions. [2025-03-03 14:25:22,404 INFO L78 Accepts]: Start accepts. Automaton has 472 states and 728 transitions. Word has length 144 [2025-03-03 14:25:22,404 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:22,404 INFO L471 AbstractCegarLoop]: Abstraction has 472 states and 728 transitions. [2025-03-03 14:25:22,404 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 22.0) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:22,405 INFO L276 IsEmpty]: Start isEmpty. Operand 472 states and 728 transitions. [2025-03-03 14:25:22,406 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 146 [2025-03-03 14:25:22,407 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:22,407 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:22,407 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:25:22,407 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:22,407 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:22,407 INFO L85 PathProgramCache]: Analyzing trace with hash 1976966174, now seen corresponding path program 2 times [2025-03-03 14:25:22,408 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:22,408 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1837740800] [2025-03-03 14:25:22,408 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:25:22,408 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:22,430 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 145 statements into 2 equivalence classes. [2025-03-03 14:25:22,444 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 145 of 145 statements. [2025-03-03 14:25:22,444 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-03 14:25:22,444 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:22,542 INFO L134 CoverageAnalysis]: Checked inductivity of 39 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 33 trivial. 0 not checked. [2025-03-03 14:25:22,542 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:22,542 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1837740800] [2025-03-03 14:25:22,542 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1837740800] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:22,542 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:22,542 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:25:22,542 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1765471170] [2025-03-03 14:25:22,542 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:22,543 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:25:22,543 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:22,544 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:25:22,544 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:22,544 INFO L87 Difference]: Start difference. First operand 472 states and 728 transitions. Second operand has 5 states, 5 states have (on average 17.6) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:22,593 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:22,593 INFO L93 Difference]: Finished difference Result 919 states and 1421 transitions. [2025-03-03 14:25:22,594 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:25:22,594 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 17.6) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 145 [2025-03-03 14:25:22,595 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:22,598 INFO L225 Difference]: With dead ends: 919 [2025-03-03 14:25:22,598 INFO L226 Difference]: Without dead ends: 472 [2025-03-03 14:25:22,599 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:22,600 INFO L435 NwaCegarLoop]: 601 mSDtfsCounter, 2 mSDsluCounter, 1786 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2387 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:22,601 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2387 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:22,602 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 472 states. [2025-03-03 14:25:22,617 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 472 to 472. [2025-03-03 14:25:22,618 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 472 states, 362 states have (on average 1.5607734806629834) internal successors, (565), 368 states have internal predecessors, (565), 79 states have call successors, (79), 28 states have call predecessors, (79), 30 states have return successors, (83), 77 states have call predecessors, (83), 78 states have call successors, (83) [2025-03-03 14:25:22,620 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 472 states to 472 states and 727 transitions. [2025-03-03 14:25:22,621 INFO L78 Accepts]: Start accepts. Automaton has 472 states and 727 transitions. Word has length 145 [2025-03-03 14:25:22,621 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:22,621 INFO L471 AbstractCegarLoop]: Abstraction has 472 states and 727 transitions. [2025-03-03 14:25:22,621 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 17.6) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:22,622 INFO L276 IsEmpty]: Start isEmpty. Operand 472 states and 727 transitions. [2025-03-03 14:25:22,624 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 166 [2025-03-03 14:25:22,624 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:22,625 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:22,626 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:25:22,626 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:22,626 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:22,626 INFO L85 PathProgramCache]: Analyzing trace with hash 1578642530, now seen corresponding path program 1 times [2025-03-03 14:25:22,626 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:22,626 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1468192854] [2025-03-03 14:25:22,626 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:22,626 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:22,647 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 165 statements into 1 equivalence classes. [2025-03-03 14:25:22,656 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 165 of 165 statements. [2025-03-03 14:25:22,656 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:22,656 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:22,787 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:25:22,787 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:22,787 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1468192854] [2025-03-03 14:25:22,787 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1468192854] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:22,787 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:22,787 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:25:22,787 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [511621051] [2025-03-03 14:25:22,788 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:22,788 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:25:22,788 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:22,788 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:25:22,788 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:22,789 INFO L87 Difference]: Start difference. First operand 472 states and 727 transitions. Second operand has 5 states, 4 states have (on average 24.0) internal successors, (96), 5 states have internal predecessors, (96), 3 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 3 states have call successors, (21) [2025-03-03 14:25:22,830 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:22,830 INFO L93 Difference]: Finished difference Result 923 states and 1427 transitions. [2025-03-03 14:25:22,831 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:25:22,831 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 24.0) internal successors, (96), 5 states have internal predecessors, (96), 3 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 3 states have call successors, (21) Word has length 165 [2025-03-03 14:25:22,831 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:22,835 INFO L225 Difference]: With dead ends: 923 [2025-03-03 14:25:22,835 INFO L226 Difference]: Without dead ends: 474 [2025-03-03 14:25:22,837 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:22,837 INFO L435 NwaCegarLoop]: 604 mSDtfsCounter, 1 mSDsluCounter, 1800 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2404 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:22,837 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2404 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:22,838 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 474 states. [2025-03-03 14:25:22,851 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 474 to 474. [2025-03-03 14:25:22,852 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 474 states, 363 states have (on average 1.559228650137741) internal successors, (566), 370 states have internal predecessors, (566), 79 states have call successors, (79), 28 states have call predecessors, (79), 31 states have return successors, (85), 77 states have call predecessors, (85), 78 states have call successors, (85) [2025-03-03 14:25:22,854 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 474 states to 474 states and 730 transitions. [2025-03-03 14:25:22,855 INFO L78 Accepts]: Start accepts. Automaton has 474 states and 730 transitions. Word has length 165 [2025-03-03 14:25:22,855 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:22,855 INFO L471 AbstractCegarLoop]: Abstraction has 474 states and 730 transitions. [2025-03-03 14:25:22,855 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 24.0) internal successors, (96), 5 states have internal predecessors, (96), 3 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 3 states have call successors, (21) [2025-03-03 14:25:22,855 INFO L276 IsEmpty]: Start isEmpty. Operand 474 states and 730 transitions. [2025-03-03 14:25:22,857 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 148 [2025-03-03 14:25:22,857 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:22,857 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:22,857 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:25:22,857 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:22,858 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:22,858 INFO L85 PathProgramCache]: Analyzing trace with hash -750601128, now seen corresponding path program 1 times [2025-03-03 14:25:22,858 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:22,858 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1463044243] [2025-03-03 14:25:22,858 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:22,858 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:22,874 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 147 statements into 1 equivalence classes. [2025-03-03 14:25:22,880 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 147 of 147 statements. [2025-03-03 14:25:22,880 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:22,880 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:22,998 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2025-03-03 14:25:22,998 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:22,998 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1463044243] [2025-03-03 14:25:22,998 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1463044243] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:22,998 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:22,998 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:25:22,998 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1878661867] [2025-03-03 14:25:22,998 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:22,998 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:25:22,998 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:22,999 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:25:22,999 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:25:22,999 INFO L87 Difference]: Start difference. First operand 474 states and 730 transitions. Second operand has 8 states, 7 states have (on average 13.428571428571429) internal successors, (94), 8 states have internal predecessors, (94), 4 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 3 states have call predecessors, (18), 4 states have call successors, (18) [2025-03-03 14:25:23,129 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:23,130 INFO L93 Difference]: Finished difference Result 928 states and 1436 transitions. [2025-03-03 14:25:23,130 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-03 14:25:23,130 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 13.428571428571429) internal successors, (94), 8 states have internal predecessors, (94), 4 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 3 states have call predecessors, (18), 4 states have call successors, (18) Word has length 147 [2025-03-03 14:25:23,130 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:23,133 INFO L225 Difference]: With dead ends: 928 [2025-03-03 14:25:23,133 INFO L226 Difference]: Without dead ends: 479 [2025-03-03 14:25:23,134 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2025-03-03 14:25:23,136 INFO L435 NwaCegarLoop]: 596 mSDtfsCounter, 5 mSDsluCounter, 3547 mSDsCounter, 0 mSdLazyCounter, 164 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 6 SdHoareTripleChecker+Valid, 4143 SdHoareTripleChecker+Invalid, 169 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 164 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:23,136 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [6 Valid, 4143 Invalid, 169 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 164 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:25:23,137 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 479 states. [2025-03-03 14:25:23,148 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 479 to 479. [2025-03-03 14:25:23,149 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 479 states, 367 states have (on average 1.555858310626703) internal successors, (571), 374 states have internal predecessors, (571), 79 states have call successors, (79), 29 states have call predecessors, (79), 32 states have return successors, (90), 77 states have call predecessors, (90), 78 states have call successors, (90) [2025-03-03 14:25:23,151 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 479 states to 479 states and 740 transitions. [2025-03-03 14:25:23,152 INFO L78 Accepts]: Start accepts. Automaton has 479 states and 740 transitions. Word has length 147 [2025-03-03 14:25:23,152 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:23,152 INFO L471 AbstractCegarLoop]: Abstraction has 479 states and 740 transitions. [2025-03-03 14:25:23,153 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 13.428571428571429) internal successors, (94), 8 states have internal predecessors, (94), 4 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 3 states have call predecessors, (18), 4 states have call successors, (18) [2025-03-03 14:25:23,153 INFO L276 IsEmpty]: Start isEmpty. Operand 479 states and 740 transitions. [2025-03-03 14:25:23,155 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 149 [2025-03-03 14:25:23,155 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:23,155 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:23,155 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:25:23,155 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:23,155 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:23,155 INFO L85 PathProgramCache]: Analyzing trace with hash -239835824, now seen corresponding path program 1 times [2025-03-03 14:25:23,157 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:23,157 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [661882461] [2025-03-03 14:25:23,157 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:23,157 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:23,176 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 148 statements into 1 equivalence classes. [2025-03-03 14:25:23,183 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 148 of 148 statements. [2025-03-03 14:25:23,183 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:23,183 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:23,288 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:23,288 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:23,288 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [661882461] [2025-03-03 14:25:23,288 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [661882461] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:23,288 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1676484621] [2025-03-03 14:25:23,288 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:23,288 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:23,288 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:23,291 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:23,293 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:25:23,441 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 148 statements into 1 equivalence classes. [2025-03-03 14:25:23,544 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 148 of 148 statements. [2025-03-03 14:25:23,545 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:23,545 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:23,549 INFO L256 TraceCheckSpWp]: Trace formula consists of 1200 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:25:23,552 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:23,573 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:23,574 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:25:23,671 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:23,671 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1676484621] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:25:23,671 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:25:23,672 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-03 14:25:23,672 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [24733422] [2025-03-03 14:25:23,672 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:25:23,672 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-03 14:25:23,672 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:23,673 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-03 14:25:23,673 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:25:23,673 INFO L87 Difference]: Start difference. First operand 479 states and 740 transitions. Second operand has 7 states, 7 states have (on average 18.571428571428573) internal successors, (130), 7 states have internal predecessors, (130), 2 states have call successors, (33), 2 states have call predecessors, (33), 2 states have return successors, (30), 2 states have call predecessors, (30), 2 states have call successors, (30) [2025-03-03 14:25:23,819 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:23,819 INFO L93 Difference]: Finished difference Result 1110 states and 1776 transitions. [2025-03-03 14:25:23,820 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:25:23,820 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 18.571428571428573) internal successors, (130), 7 states have internal predecessors, (130), 2 states have call successors, (33), 2 states have call predecessors, (33), 2 states have return successors, (30), 2 states have call predecessors, (30), 2 states have call successors, (30) Word has length 148 [2025-03-03 14:25:23,820 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:23,825 INFO L225 Difference]: With dead ends: 1110 [2025-03-03 14:25:23,825 INFO L226 Difference]: Without dead ends: 891 [2025-03-03 14:25:23,826 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 298 GetRequests, 293 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:25:23,826 INFO L435 NwaCegarLoop]: 652 mSDtfsCounter, 486 mSDsluCounter, 1990 mSDsCounter, 0 mSdLazyCounter, 76 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 540 SdHoareTripleChecker+Valid, 2642 SdHoareTripleChecker+Invalid, 85 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 76 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:23,826 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [540 Valid, 2642 Invalid, 85 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 76 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:25:23,827 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 891 states. [2025-03-03 14:25:23,849 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 891 to 867. [2025-03-03 14:25:23,851 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 867 states, 676 states have (on average 1.6257396449704142) internal successors, (1099), 683 states have internal predecessors, (1099), 158 states have call successors, (158), 29 states have call predecessors, (158), 32 states have return successors, (179), 156 states have call predecessors, (179), 157 states have call successors, (179) [2025-03-03 14:25:23,855 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 867 states to 867 states and 1436 transitions. [2025-03-03 14:25:23,856 INFO L78 Accepts]: Start accepts. Automaton has 867 states and 1436 transitions. Word has length 148 [2025-03-03 14:25:23,856 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:23,856 INFO L471 AbstractCegarLoop]: Abstraction has 867 states and 1436 transitions. [2025-03-03 14:25:23,857 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 18.571428571428573) internal successors, (130), 7 states have internal predecessors, (130), 2 states have call successors, (33), 2 states have call predecessors, (33), 2 states have return successors, (30), 2 states have call predecessors, (30), 2 states have call successors, (30) [2025-03-03 14:25:23,857 INFO L276 IsEmpty]: Start isEmpty. Operand 867 states and 1436 transitions. [2025-03-03 14:25:23,861 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 155 [2025-03-03 14:25:23,861 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:23,861 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:23,870 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2025-03-03 14:25:24,065 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:24,065 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:24,066 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:24,066 INFO L85 PathProgramCache]: Analyzing trace with hash 1984040112, now seen corresponding path program 1 times [2025-03-03 14:25:24,066 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:24,066 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1304472387] [2025-03-03 14:25:24,066 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:24,066 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:24,082 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 154 statements into 1 equivalence classes. [2025-03-03 14:25:24,089 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 154 of 154 statements. [2025-03-03 14:25:24,089 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:24,089 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:24,119 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:24,119 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:24,119 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1304472387] [2025-03-03 14:25:24,119 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1304472387] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:24,119 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:24,119 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:24,119 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1615159172] [2025-03-03 14:25:24,120 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:24,120 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:24,120 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:24,120 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:24,120 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:24,120 INFO L87 Difference]: Start difference. First operand 867 states and 1436 transitions. Second operand has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:24,153 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:24,154 INFO L93 Difference]: Finished difference Result 2058 states and 3462 transitions. [2025-03-03 14:25:24,154 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:24,154 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 154 [2025-03-03 14:25:24,154 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:24,161 INFO L225 Difference]: With dead ends: 2058 [2025-03-03 14:25:24,161 INFO L226 Difference]: Without dead ends: 1260 [2025-03-03 14:25:24,164 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:24,164 INFO L435 NwaCegarLoop]: 622 mSDtfsCounter, 124 mSDsluCounter, 606 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1228 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:24,164 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1228 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:24,165 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1260 states. [2025-03-03 14:25:24,220 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1260 to 1252. [2025-03-03 14:25:24,223 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1252 states, 982 states have (on average 1.6435845213849287) internal successors, (1614), 989 states have internal predecessors, (1614), 237 states have call successors, (237), 29 states have call predecessors, (237), 32 states have return successors, (268), 235 states have call predecessors, (268), 236 states have call successors, (268) [2025-03-03 14:25:24,228 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1252 states to 1252 states and 2119 transitions. [2025-03-03 14:25:24,230 INFO L78 Accepts]: Start accepts. Automaton has 1252 states and 2119 transitions. Word has length 154 [2025-03-03 14:25:24,230 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:24,230 INFO L471 AbstractCegarLoop]: Abstraction has 1252 states and 2119 transitions. [2025-03-03 14:25:24,230 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:24,231 INFO L276 IsEmpty]: Start isEmpty. Operand 1252 states and 2119 transitions. [2025-03-03 14:25:24,237 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 156 [2025-03-03 14:25:24,237 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:24,237 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:24,238 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-03-03 14:25:24,238 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:24,238 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:24,238 INFO L85 PathProgramCache]: Analyzing trace with hash -357646239, now seen corresponding path program 1 times [2025-03-03 14:25:24,239 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:24,239 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1638691533] [2025-03-03 14:25:24,239 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:24,239 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:24,258 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 155 statements into 1 equivalence classes. [2025-03-03 14:25:24,268 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 155 of 155 statements. [2025-03-03 14:25:24,268 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:24,269 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:24,309 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:24,309 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:24,309 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1638691533] [2025-03-03 14:25:24,309 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1638691533] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:24,309 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:24,309 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:24,309 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [482357957] [2025-03-03 14:25:24,309 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:24,310 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:24,310 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:24,310 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:24,310 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:24,310 INFO L87 Difference]: Start difference. First operand 1252 states and 2119 transitions. Second operand has 3 states, 3 states have (on average 32.333333333333336) internal successors, (97), 3 states have internal predecessors, (97), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:24,373 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:24,373 INFO L93 Difference]: Finished difference Result 2996 states and 5109 transitions. [2025-03-03 14:25:24,373 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:24,373 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 32.333333333333336) internal successors, (97), 3 states have internal predecessors, (97), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 155 [2025-03-03 14:25:24,374 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:24,384 INFO L225 Difference]: With dead ends: 2996 [2025-03-03 14:25:24,384 INFO L226 Difference]: Without dead ends: 1864 [2025-03-03 14:25:24,389 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:24,389 INFO L435 NwaCegarLoop]: 620 mSDtfsCounter, 122 mSDsluCounter, 604 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1224 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:24,389 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1224 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:24,391 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1864 states. [2025-03-03 14:25:24,452 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1864 to 1856. [2025-03-03 14:25:24,455 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1856 states, 1467 states have (on average 1.6557600545330606) internal successors, (2429), 1474 states have internal predecessors, (2429), 356 states have call successors, (356), 29 states have call predecessors, (356), 32 states have return successors, (387), 354 states have call predecessors, (387), 355 states have call successors, (387) [2025-03-03 14:25:24,464 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1856 states to 1856 states and 3172 transitions. [2025-03-03 14:25:24,466 INFO L78 Accepts]: Start accepts. Automaton has 1856 states and 3172 transitions. Word has length 155 [2025-03-03 14:25:24,466 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:24,466 INFO L471 AbstractCegarLoop]: Abstraction has 1856 states and 3172 transitions. [2025-03-03 14:25:24,466 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 32.333333333333336) internal successors, (97), 3 states have internal predecessors, (97), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:24,466 INFO L276 IsEmpty]: Start isEmpty. Operand 1856 states and 3172 transitions. [2025-03-03 14:25:24,475 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 176 [2025-03-03 14:25:24,475 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:24,475 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:24,476 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-03 14:25:24,476 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:24,476 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:24,476 INFO L85 PathProgramCache]: Analyzing trace with hash 2065528286, now seen corresponding path program 1 times [2025-03-03 14:25:24,476 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:24,476 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1926612181] [2025-03-03 14:25:24,476 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:24,476 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:24,494 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 175 statements into 1 equivalence classes. [2025-03-03 14:25:24,499 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 175 of 175 statements. [2025-03-03 14:25:24,500 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:24,500 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:24,528 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:25:24,528 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:24,528 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1926612181] [2025-03-03 14:25:24,528 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1926612181] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:24,528 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:24,528 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:24,528 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [222745050] [2025-03-03 14:25:24,528 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:24,529 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:24,529 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:24,529 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:24,529 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:24,529 INFO L87 Difference]: Start difference. First operand 1856 states and 3172 transitions. Second operand has 3 states, 3 states have (on average 35.0) internal successors, (105), 3 states have internal predecessors, (105), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:24,589 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:24,589 INFO L93 Difference]: Finished difference Result 4403 states and 7591 transitions. [2025-03-03 14:25:24,589 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:24,590 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 35.0) internal successors, (105), 3 states have internal predecessors, (105), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 175 [2025-03-03 14:25:24,590 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:24,602 INFO L225 Difference]: With dead ends: 4403 [2025-03-03 14:25:24,602 INFO L226 Difference]: Without dead ends: 2789 [2025-03-03 14:25:24,607 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:24,607 INFO L435 NwaCegarLoop]: 609 mSDtfsCounter, 120 mSDsluCounter, 600 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1209 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:24,608 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1209 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:24,610 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2789 states. [2025-03-03 14:25:24,707 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2789 to 2781. [2025-03-03 14:25:24,711 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2781 states, 2230 states have (on average 1.6654708520179373) internal successors, (3714), 2237 states have internal predecessors, (3714), 518 states have call successors, (518), 29 states have call predecessors, (518), 32 states have return successors, (565), 516 states have call predecessors, (565), 517 states have call successors, (565) [2025-03-03 14:25:24,721 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2781 states to 2781 states and 4797 transitions. [2025-03-03 14:25:24,722 INFO L78 Accepts]: Start accepts. Automaton has 2781 states and 4797 transitions. Word has length 175 [2025-03-03 14:25:24,722 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:24,722 INFO L471 AbstractCegarLoop]: Abstraction has 2781 states and 4797 transitions. [2025-03-03 14:25:24,723 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 35.0) internal successors, (105), 3 states have internal predecessors, (105), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:24,723 INFO L276 IsEmpty]: Start isEmpty. Operand 2781 states and 4797 transitions. [2025-03-03 14:25:24,735 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 177 [2025-03-03 14:25:24,735 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:24,736 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:24,736 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-03 14:25:24,736 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:24,736 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:24,736 INFO L85 PathProgramCache]: Analyzing trace with hash -706669329, now seen corresponding path program 1 times [2025-03-03 14:25:24,736 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:24,736 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1074046708] [2025-03-03 14:25:24,736 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:24,736 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:24,753 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 176 statements into 1 equivalence classes. [2025-03-03 14:25:24,759 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 176 of 176 statements. [2025-03-03 14:25:24,759 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:24,759 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:24,794 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:25:24,794 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:24,794 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1074046708] [2025-03-03 14:25:24,794 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1074046708] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:24,794 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:24,794 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:24,794 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [852481612] [2025-03-03 14:25:24,795 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:24,796 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:24,796 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:24,797 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:24,797 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:24,797 INFO L87 Difference]: Start difference. First operand 2781 states and 4797 transitions. Second operand has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:24,894 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:24,894 INFO L93 Difference]: Finished difference Result 6621 states and 11512 transitions. [2025-03-03 14:25:24,894 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:24,895 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 176 [2025-03-03 14:25:24,895 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:24,918 INFO L225 Difference]: With dead ends: 6621 [2025-03-03 14:25:24,919 INFO L226 Difference]: Without dead ends: 4282 [2025-03-03 14:25:24,928 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:24,929 INFO L435 NwaCegarLoop]: 609 mSDtfsCounter, 118 mSDsluCounter, 600 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1209 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:24,929 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1209 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:24,932 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4282 states. [2025-03-03 14:25:25,094 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4282 to 4274. [2025-03-03 14:25:25,102 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4274 states, 3478 states have (on average 1.6725129384703852) internal successors, (5817), 3485 states have internal predecessors, (5817), 763 states have call successors, (763), 29 states have call predecessors, (763), 32 states have return successors, (836), 761 states have call predecessors, (836), 762 states have call successors, (836) [2025-03-03 14:25:25,158 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4274 states to 4274 states and 7416 transitions. [2025-03-03 14:25:25,161 INFO L78 Accepts]: Start accepts. Automaton has 4274 states and 7416 transitions. Word has length 176 [2025-03-03 14:25:25,161 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:25,161 INFO L471 AbstractCegarLoop]: Abstraction has 4274 states and 7416 transitions. [2025-03-03 14:25:25,161 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:25,162 INFO L276 IsEmpty]: Start isEmpty. Operand 4274 states and 7416 transitions. [2025-03-03 14:25:25,179 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 178 [2025-03-03 14:25:25,179 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:25,180 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:25,180 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:25:25,180 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:25,180 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:25,180 INFO L85 PathProgramCache]: Analyzing trace with hash -796287331, now seen corresponding path program 1 times [2025-03-03 14:25:25,180 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:25,181 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1332424860] [2025-03-03 14:25:25,181 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:25,181 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:25,199 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 177 statements into 1 equivalence classes. [2025-03-03 14:25:25,205 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 177 of 177 statements. [2025-03-03 14:25:25,206 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:25,206 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:25,237 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:25:25,238 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:25,238 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1332424860] [2025-03-03 14:25:25,238 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1332424860] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:25,238 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:25,238 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:25,238 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [983459193] [2025-03-03 14:25:25,238 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:25,238 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:25,238 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:25,239 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:25,239 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:25,239 INFO L87 Difference]: Start difference. First operand 4274 states and 7416 transitions. Second operand has 3 states, 3 states have (on average 35.666666666666664) internal successors, (107), 3 states have internal predecessors, (107), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:25,383 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:25,383 INFO L93 Difference]: Finished difference Result 10581 states and 18468 transitions. [2025-03-03 14:25:25,383 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:25,387 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 35.666666666666664) internal successors, (107), 3 states have internal predecessors, (107), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 177 [2025-03-03 14:25:25,388 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:25,434 INFO L225 Difference]: With dead ends: 10581 [2025-03-03 14:25:25,434 INFO L226 Difference]: Without dead ends: 6976 [2025-03-03 14:25:25,450 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:25,451 INFO L435 NwaCegarLoop]: 627 mSDtfsCounter, 116 mSDsluCounter, 608 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1235 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:25,451 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1235 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:25,458 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 6976 states. [2025-03-03 14:25:25,700 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 6976 to 6968. [2025-03-03 14:25:25,717 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6968 states, 5679 states have (on average 1.669836238774432) internal successors, (9483), 5686 states have internal predecessors, (9483), 1256 states have call successors, (1256), 29 states have call predecessors, (1256), 32 states have return successors, (1373), 1254 states have call predecessors, (1373), 1255 states have call successors, (1373) [2025-03-03 14:25:25,752 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6968 states to 6968 states and 12112 transitions. [2025-03-03 14:25:25,757 INFO L78 Accepts]: Start accepts. Automaton has 6968 states and 12112 transitions. Word has length 177 [2025-03-03 14:25:25,757 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:25,757 INFO L471 AbstractCegarLoop]: Abstraction has 6968 states and 12112 transitions. [2025-03-03 14:25:25,761 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 35.666666666666664) internal successors, (107), 3 states have internal predecessors, (107), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:25,762 INFO L276 IsEmpty]: Start isEmpty. Operand 6968 states and 12112 transitions. [2025-03-03 14:25:25,794 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 160 [2025-03-03 14:25:25,794 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:25,795 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:25,795 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:25:25,795 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:25,795 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:25,795 INFO L85 PathProgramCache]: Analyzing trace with hash -2003730337, now seen corresponding path program 1 times [2025-03-03 14:25:25,796 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:25,796 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2029014557] [2025-03-03 14:25:25,796 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:25,796 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:25,814 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 159 statements into 1 equivalence classes. [2025-03-03 14:25:25,821 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 159 of 159 statements. [2025-03-03 14:25:25,824 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:25,824 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:25,858 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:25,858 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:25,858 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2029014557] [2025-03-03 14:25:25,858 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2029014557] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:25,858 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:25,858 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:25,858 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [640461583] [2025-03-03 14:25:25,858 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:25,859 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:25,859 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:25,859 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:25,859 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:25,859 INFO L87 Difference]: Start difference. First operand 6968 states and 12112 transitions. Second operand has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:26,180 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:26,180 INFO L93 Difference]: Finished difference Result 17616 states and 30824 transitions. [2025-03-03 14:25:26,181 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:26,181 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 159 [2025-03-03 14:25:26,181 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:26,241 INFO L225 Difference]: With dead ends: 17616 [2025-03-03 14:25:26,241 INFO L226 Difference]: Without dead ends: 11688 [2025-03-03 14:25:26,266 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:26,266 INFO L435 NwaCegarLoop]: 616 mSDtfsCounter, 114 mSDsluCounter, 604 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 132 SdHoareTripleChecker+Valid, 1220 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:26,266 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [132 Valid, 1220 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:26,275 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11688 states. [2025-03-03 14:25:26,735 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11688 to 11680. [2025-03-03 14:25:26,753 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11680 states, 9569 states have (on average 1.6709165012017975) internal successors, (15989), 9576 states have internal predecessors, (15989), 2078 states have call successors, (2078), 29 states have call predecessors, (2078), 32 states have return successors, (2273), 2076 states have call predecessors, (2273), 2077 states have call successors, (2273) [2025-03-03 14:25:26,794 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11680 states to 11680 states and 20340 transitions. [2025-03-03 14:25:26,799 INFO L78 Accepts]: Start accepts. Automaton has 11680 states and 20340 transitions. Word has length 159 [2025-03-03 14:25:26,800 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:26,800 INFO L471 AbstractCegarLoop]: Abstraction has 11680 states and 20340 transitions. [2025-03-03 14:25:26,800 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:26,801 INFO L276 IsEmpty]: Start isEmpty. Operand 11680 states and 20340 transitions. [2025-03-03 14:25:26,847 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 161 [2025-03-03 14:25:26,847 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:26,847 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:26,847 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:25:26,847 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:26,848 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:26,848 INFO L85 PathProgramCache]: Analyzing trace with hash 685771539, now seen corresponding path program 1 times [2025-03-03 14:25:26,848 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:26,848 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [646463035] [2025-03-03 14:25:26,848 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:26,848 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:26,866 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 160 statements into 1 equivalence classes. [2025-03-03 14:25:26,878 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 160 of 160 statements. [2025-03-03 14:25:26,878 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:26,878 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:26,915 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:26,915 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:26,915 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [646463035] [2025-03-03 14:25:26,915 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [646463035] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:26,915 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:26,915 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:26,915 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1198272547] [2025-03-03 14:25:26,915 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:26,915 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:26,915 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:26,916 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:26,916 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:26,916 INFO L87 Difference]: Start difference. First operand 11680 states and 20340 transitions. Second operand has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:27,298 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:27,298 INFO L93 Difference]: Finished difference Result 27847 states and 48466 transitions. [2025-03-03 14:25:27,299 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:27,299 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 160 [2025-03-03 14:25:27,299 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:27,364 INFO L225 Difference]: With dead ends: 27847 [2025-03-03 14:25:27,364 INFO L226 Difference]: Without dead ends: 18144 [2025-03-03 14:25:27,396 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:27,397 INFO L435 NwaCegarLoop]: 616 mSDtfsCounter, 112 mSDsluCounter, 576 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 1192 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:27,397 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 1192 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:27,413 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 18144 states. [2025-03-03 14:25:27,942 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 18144 to 18136. [2025-03-03 14:25:27,969 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 18136 states, 14822 states have (on average 1.6474160032384293) internal successors, (24418), 14829 states have internal predecessors, (24418), 3281 states have call successors, (3281), 29 states have call predecessors, (3281), 32 states have return successors, (3620), 3279 states have call predecessors, (3620), 3280 states have call successors, (3620) [2025-03-03 14:25:28,091 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18136 states to 18136 states and 31319 transitions. [2025-03-03 14:25:28,099 INFO L78 Accepts]: Start accepts. Automaton has 18136 states and 31319 transitions. Word has length 160 [2025-03-03 14:25:28,099 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:28,099 INFO L471 AbstractCegarLoop]: Abstraction has 18136 states and 31319 transitions. [2025-03-03 14:25:28,099 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:28,099 INFO L276 IsEmpty]: Start isEmpty. Operand 18136 states and 31319 transitions. [2025-03-03 14:25:28,147 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 181 [2025-03-03 14:25:28,147 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:28,147 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:28,147 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:25:28,147 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:28,148 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:28,148 INFO L85 PathProgramCache]: Analyzing trace with hash -1456206799, now seen corresponding path program 1 times [2025-03-03 14:25:28,149 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:28,149 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [970815938] [2025-03-03 14:25:28,149 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:28,149 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:28,171 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 180 statements into 1 equivalence classes. [2025-03-03 14:25:28,181 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 180 of 180 statements. [2025-03-03 14:25:28,181 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:28,181 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:28,222 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:25:28,223 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:28,223 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [970815938] [2025-03-03 14:25:28,223 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [970815938] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:28,223 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:28,223 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:28,223 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1872406283] [2025-03-03 14:25:28,225 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:28,225 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:28,225 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:28,226 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:28,226 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:28,226 INFO L87 Difference]: Start difference. First operand 18136 states and 31319 transitions. Second operand has 3 states, 3 states have (on average 36.666666666666664) internal successors, (110), 3 states have internal predecessors, (110), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:29,080 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:29,080 INFO L93 Difference]: Finished difference Result 47874 states and 83035 transitions. [2025-03-03 14:25:29,081 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:29,081 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 36.666666666666664) internal successors, (110), 3 states have internal predecessors, (110), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 180 [2025-03-03 14:25:29,081 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:29,298 INFO L225 Difference]: With dead ends: 47874 [2025-03-03 14:25:29,299 INFO L226 Difference]: Without dead ends: 32314 [2025-03-03 14:25:29,328 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:29,329 INFO L435 NwaCegarLoop]: 609 mSDtfsCounter, 110 mSDsluCounter, 603 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1212 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:29,329 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1212 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:29,354 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 32314 states. [2025-03-03 14:25:30,172 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 32314 to 32306. [2025-03-03 14:25:30,216 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 32306 states, 26542 states have (on average 1.644902418807927) internal successors, (43659), 26549 states have internal predecessors, (43659), 5731 states have call successors, (5731), 29 states have call predecessors, (5731), 32 states have return successors, (6344), 5729 states have call predecessors, (6344), 5730 states have call successors, (6344) [2025-03-03 14:25:30,311 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 32306 states to 32306 states and 55734 transitions. [2025-03-03 14:25:30,326 INFO L78 Accepts]: Start accepts. Automaton has 32306 states and 55734 transitions. Word has length 180 [2025-03-03 14:25:30,326 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:30,326 INFO L471 AbstractCegarLoop]: Abstraction has 32306 states and 55734 transitions. [2025-03-03 14:25:30,327 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 36.666666666666664) internal successors, (110), 3 states have internal predecessors, (110), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:30,327 INFO L276 IsEmpty]: Start isEmpty. Operand 32306 states and 55734 transitions. [2025-03-03 14:25:30,385 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 163 [2025-03-03 14:25:30,385 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:30,385 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:30,386 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:25:30,386 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:30,386 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:30,386 INFO L85 PathProgramCache]: Analyzing trace with hash 896304628, now seen corresponding path program 1 times [2025-03-03 14:25:30,386 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:30,386 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [462834691] [2025-03-03 14:25:30,387 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:30,387 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:30,403 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 162 statements into 1 equivalence classes. [2025-03-03 14:25:30,409 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 162 of 162 statements. [2025-03-03 14:25:30,410 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:30,410 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:30,442 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:30,442 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:30,442 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [462834691] [2025-03-03 14:25:30,442 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [462834691] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:30,442 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:30,442 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:30,442 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1201979349] [2025-03-03 14:25:30,442 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:30,443 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:30,443 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:30,444 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:30,444 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:30,444 INFO L87 Difference]: Start difference. First operand 32306 states and 55734 transitions. Second operand has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:31,610 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:31,610 INFO L93 Difference]: Finished difference Result 87991 states and 152357 transitions. [2025-03-03 14:25:31,611 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:31,611 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 162 [2025-03-03 14:25:31,611 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:31,872 INFO L225 Difference]: With dead ends: 87991 [2025-03-03 14:25:31,872 INFO L226 Difference]: Without dead ends: 59128 [2025-03-03 14:25:31,948 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:31,948 INFO L435 NwaCegarLoop]: 616 mSDtfsCounter, 108 mSDsluCounter, 604 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 1220 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:31,949 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 1220 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:31,987 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59128 states. [2025-03-03 14:25:33,905 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59128 to 59120. [2025-03-03 14:25:33,980 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59120 states, 48843 states have (on average 1.64115635812706) internal successors, (80159), 48850 states have internal predecessors, (80159), 10244 states have call successors, (10244), 29 states have call predecessors, (10244), 32 states have return successors, (11389), 10242 states have call predecessors, (11389), 10243 states have call successors, (11389) [2025-03-03 14:25:34,160 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59120 states to 59120 states and 101792 transitions. [2025-03-03 14:25:34,186 INFO L78 Accepts]: Start accepts. Automaton has 59120 states and 101792 transitions. Word has length 162 [2025-03-03 14:25:34,187 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:34,187 INFO L471 AbstractCegarLoop]: Abstraction has 59120 states and 101792 transitions. [2025-03-03 14:25:34,187 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:34,187 INFO L276 IsEmpty]: Start isEmpty. Operand 59120 states and 101792 transitions. [2025-03-03 14:25:34,270 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 183 [2025-03-03 14:25:34,271 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:34,271 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:34,271 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:25:34,271 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:34,271 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:34,271 INFO L85 PathProgramCache]: Analyzing trace with hash 1535464146, now seen corresponding path program 1 times [2025-03-03 14:25:34,272 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:34,272 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [929281384] [2025-03-03 14:25:34,272 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:34,272 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:34,289 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 182 statements into 1 equivalence classes. [2025-03-03 14:25:34,296 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 182 of 182 statements. [2025-03-03 14:25:34,296 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:34,296 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:34,328 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:25:34,328 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:34,328 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [929281384] [2025-03-03 14:25:34,328 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [929281384] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:34,328 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:34,328 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:34,329 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [134985270] [2025-03-03 14:25:34,329 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:34,329 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:34,329 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:34,330 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:34,330 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:34,330 INFO L87 Difference]: Start difference. First operand 59120 states and 101792 transitions. Second operand has 3 states, 3 states have (on average 37.333333333333336) internal successors, (112), 3 states have internal predecessors, (112), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:35,878 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:35,879 INFO L93 Difference]: Finished difference Result 110572 states and 190856 transitions. [2025-03-03 14:25:35,879 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:35,879 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 37.333333333333336) internal successors, (112), 3 states have internal predecessors, (112), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 182 [2025-03-03 14:25:35,879 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:36,424 INFO L225 Difference]: With dead ends: 110572 [2025-03-03 14:25:36,424 INFO L226 Difference]: Without dead ends: 110353 [2025-03-03 14:25:36,511 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:36,512 INFO L435 NwaCegarLoop]: 618 mSDtfsCounter, 103 mSDsluCounter, 608 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 1226 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:36,512 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 1226 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:36,599 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 110353 states. [2025-03-03 14:25:39,766 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 110353 to 110345. [2025-03-03 14:25:39,882 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110345 states, 91700 states have (on average 1.6361286804798256) internal successors, (150033), 91707 states have internal predecessors, (150033), 18612 states have call successors, (18612), 29 states have call predecessors, (18612), 32 states have return successors, (20803), 18610 states have call predecessors, (20803), 18611 states have call successors, (20803) [2025-03-03 14:25:40,247 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110345 states to 110345 states and 189448 transitions. [2025-03-03 14:25:40,285 INFO L78 Accepts]: Start accepts. Automaton has 110345 states and 189448 transitions. Word has length 182 [2025-03-03 14:25:40,286 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:40,286 INFO L471 AbstractCegarLoop]: Abstraction has 110345 states and 189448 transitions. [2025-03-03 14:25:40,286 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 37.333333333333336) internal successors, (112), 3 states have internal predecessors, (112), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:40,286 INFO L276 IsEmpty]: Start isEmpty. Operand 110345 states and 189448 transitions. [2025-03-03 14:25:40,410 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 184 [2025-03-03 14:25:40,411 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:40,411 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:40,411 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:25:40,411 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:40,412 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:40,412 INFO L85 PathProgramCache]: Analyzing trace with hash 350008762, now seen corresponding path program 1 times [2025-03-03 14:25:40,412 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:40,412 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [605443610] [2025-03-03 14:25:40,412 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:40,412 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:40,430 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 183 statements into 1 equivalence classes. [2025-03-03 14:25:40,447 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 183 of 183 statements. [2025-03-03 14:25:40,447 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:40,447 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:40,554 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:25:40,555 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:40,555 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [605443610] [2025-03-03 14:25:40,555 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [605443610] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:40,555 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:40,555 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-03-03 14:25:40,555 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1857023125] [2025-03-03 14:25:40,555 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:40,555 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-03 14:25:40,555 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:40,556 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-03 14:25:40,556 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:25:40,556 INFO L87 Difference]: Start difference. First operand 110345 states and 189448 transitions. Second operand has 6 states, 6 states have (on average 18.833333333333332) internal successors, (113), 5 states have internal predecessors, (113), 2 states have call successors, (24), 3 states have call predecessors, (24), 2 states have return successors, (21), 3 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:44,676 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:44,676 INFO L93 Difference]: Finished difference Result 212418 states and 366236 transitions. [2025-03-03 14:25:44,677 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-03 14:25:44,677 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 18.833333333333332) internal successors, (113), 5 states have internal predecessors, (113), 2 states have call successors, (24), 3 states have call predecessors, (24), 2 states have return successors, (21), 3 states have call predecessors, (21), 2 states have call successors, (21) Word has length 183 [2025-03-03 14:25:44,677 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:45,497 INFO L225 Difference]: With dead ends: 212418 [2025-03-03 14:25:45,497 INFO L226 Difference]: Without dead ends: 212207 [2025-03-03 14:25:45,578 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-03-03 14:25:45,579 INFO L435 NwaCegarLoop]: 667 mSDtfsCounter, 556 mSDsluCounter, 2436 mSDsCounter, 0 mSdLazyCounter, 154 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 557 SdHoareTripleChecker+Valid, 3103 SdHoareTripleChecker+Invalid, 155 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 154 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:45,579 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [557 Valid, 3103 Invalid, 155 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 154 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2025-03-03 14:25:45,697 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 212207 states. [2025-03-03 14:25:51,380 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 212207 to 212199. [2025-03-03 14:25:51,603 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 212199 states, 176412 states have (on average 1.6396163526290728) internal successors, (289248), 176367 states have internal predecessors, (289248), 35726 states have call successors, (35726), 56 states have call predecessors, (35726), 60 states have return successors, (39009), 35779 states have call predecessors, (39009), 35724 states have call successors, (39009) [2025-03-03 14:25:52,938 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 212199 states to 212199 states and 363983 transitions. [2025-03-03 14:25:53,003 INFO L78 Accepts]: Start accepts. Automaton has 212199 states and 363983 transitions. Word has length 183 [2025-03-03 14:25:53,003 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:53,003 INFO L471 AbstractCegarLoop]: Abstraction has 212199 states and 363983 transitions. [2025-03-03 14:25:53,004 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 18.833333333333332) internal successors, (113), 5 states have internal predecessors, (113), 2 states have call successors, (24), 3 states have call predecessors, (24), 2 states have return successors, (21), 3 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:53,004 INFO L276 IsEmpty]: Start isEmpty. Operand 212199 states and 363983 transitions. [2025-03-03 14:25:53,162 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 165 [2025-03-03 14:25:53,162 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:53,163 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:53,163 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-03 14:25:53,163 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:53,163 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:53,163 INFO L85 PathProgramCache]: Analyzing trace with hash -271265515, now seen corresponding path program 1 times [2025-03-03 14:25:53,163 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:53,163 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1051286692] [2025-03-03 14:25:53,163 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:53,163 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:53,178 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 164 statements into 1 equivalence classes. [2025-03-03 14:25:53,185 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 164 of 164 statements. [2025-03-03 14:25:53,186 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:53,186 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:53,748 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2025-03-03 14:25:53,748 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:53,748 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1051286692] [2025-03-03 14:25:53,748 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1051286692] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:53,748 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [702030332] [2025-03-03 14:25:53,748 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:53,749 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:53,749 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:53,751 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:53,753 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2025-03-03 14:25:53,943 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 164 statements into 1 equivalence classes. [2025-03-03 14:25:54,034 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 164 of 164 statements. [2025-03-03 14:25:54,035 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:54,035 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:54,038 INFO L256 TraceCheckSpWp]: Trace formula consists of 1251 conjuncts, 13 conjuncts are in the unsatisfiable core [2025-03-03 14:25:54,043 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:54,236 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 18 proven. 6 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2025-03-03 14:25:54,236 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:25:54,532 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 2 proven. 8 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:25:54,532 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [702030332] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:25:54,532 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:25:54,532 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 9, 9] total 28 [2025-03-03 14:25:54,533 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [954991827] [2025-03-03 14:25:54,533 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:25:54,533 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 28 states [2025-03-03 14:25:54,533 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:54,534 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2025-03-03 14:25:54,534 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=68, Invalid=688, Unknown=0, NotChecked=0, Total=756 [2025-03-03 14:25:54,534 INFO L87 Difference]: Start difference. First operand 212199 states and 363983 transitions. Second operand has 28 states, 26 states have (on average 10.038461538461538) internal successors, (261), 24 states have internal predecessors, (261), 9 states have call successors, (54), 8 states have call predecessors, (54), 12 states have return successors, (47), 11 states have call predecessors, (47), 9 states have call successors, (47)