./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec8_product14.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec8_product14.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash db5154a0e253326ecbc6009dd1b2954eaac96f88a97328f2e835902c9850ef53 --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:26:16,447 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:26:16,507 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:26:16,513 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:26:16,513 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:26:16,534 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:26:16,536 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:26:16,536 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:26:16,536 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:26:16,537 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:26:16,537 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:26:16,537 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:26:16,537 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:26:16,537 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:26:16,538 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:26:16,538 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:26:16,538 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:26:16,538 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:26:16,538 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:26:16,538 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:26:16,538 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:26:16,538 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:26:16,538 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:26:16,538 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:26:16,538 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:26:16,538 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:26:16,539 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:26:16,539 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:26:16,539 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> db5154a0e253326ecbc6009dd1b2954eaac96f88a97328f2e835902c9850ef53 [2025-03-03 14:26:16,749 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:26:16,757 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:26:16,759 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:26:16,760 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:26:16,760 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:26:16,762 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec8_product14.cil.c [2025-03-03 14:26:17,919 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/51963559b/4352305ffabe44d3add59a32b47fceb0/FLAGb70fd8da6 [2025-03-03 14:26:18,298 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:26:18,299 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec8_product14.cil.c [2025-03-03 14:26:18,317 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/51963559b/4352305ffabe44d3add59a32b47fceb0/FLAGb70fd8da6 [2025-03-03 14:26:18,334 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/51963559b/4352305ffabe44d3add59a32b47fceb0 [2025-03-03 14:26:18,337 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:26:18,338 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:26:18,339 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:26:18,340 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:26:18,343 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:26:18,344 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:18,345 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5f32d09c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18, skipping insertion in model container [2025-03-03 14:26:18,345 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:18,388 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:26:18,599 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec8_product14.cil.c[17564,17577] [2025-03-03 14:26:18,686 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:26:18,700 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:26:18,705 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [48] [2025-03-03 14:26:18,706 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [414] [2025-03-03 14:26:18,706 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [432] [2025-03-03 14:26:18,706 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [740] [2025-03-03 14:26:18,707 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [749] [2025-03-03 14:26:18,707 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EncryptAutoResponder_spec.i","") [855] [2025-03-03 14:26:18,707 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [897] [2025-03-03 14:26:18,707 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [1300] [2025-03-03 14:26:18,708 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [1525] [2025-03-03 14:26:18,708 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [2598] [2025-03-03 14:26:18,708 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [2879] [2025-03-03 14:26:18,749 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec8_product14.cil.c[17564,17577] [2025-03-03 14:26:18,812 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:26:18,839 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:26:18,841 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18 WrapperNode [2025-03-03 14:26:18,841 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:26:18,842 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:26:18,842 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:26:18,843 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:26:18,848 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:18,869 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:18,922 INFO L138 Inliner]: procedures = 126, calls = 192, calls flagged for inlining = 51, calls inlined = 43, statements flattened = 904 [2025-03-03 14:26:18,922 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:26:18,926 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:26:18,926 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:26:18,926 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:26:18,935 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:18,935 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:18,941 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:18,974 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:26:18,975 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:18,975 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:18,996 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:18,998 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:19,004 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:19,011 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:19,017 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:26:19,018 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:26:19,021 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:26:19,021 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:26:19,022 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (1/1) ... [2025-03-03 14:26:19,026 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:26:19,036 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:19,048 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:26:19,050 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:26:19,068 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:26:19,069 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:26:19,069 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:26:19,069 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:26:19,069 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:26:19,069 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:26:19,069 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:26:19,069 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:26:19,069 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:26:19,070 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:26:19,070 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:26:19,070 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:26:19,070 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:26:19,070 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:26:19,070 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:26:19,070 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:26:19,070 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:26:19,071 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:26:19,071 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:26:19,071 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:26:19,071 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:26:19,071 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:26:19,072 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:26:19,072 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:26:19,072 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:26:19,072 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:26:19,072 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:26:19,072 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:26:19,072 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:26:19,072 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:26:19,072 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:26:19,072 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:26:19,072 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:26:19,072 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:26:19,072 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:26:19,072 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:26:19,072 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:26:19,072 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:26:19,073 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:26:19,073 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:26:19,073 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:26:19,073 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:26:19,073 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:26:19,073 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:26:19,073 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:26:19,073 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:26:19,073 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:26:19,073 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:26:19,073 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:26:19,223 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:26:19,225 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:26:19,300 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2232: #res#1 := ~retValue_acc~35#1; [2025-03-03 14:26:19,300 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2187-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~34#1; [2025-03-03 14:26:19,449 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2456-1: findPublicKey_#res#1 := findPublicKey_~retValue_acc~38#1; [2025-03-03 14:26:19,450 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2575-1: getClientId_#res#1 := getClientId_~retValue_acc~40#1; [2025-03-03 14:26:19,450 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2140-1: getClientPrivateKey_#res#1 := getClientPrivateKey_~retValue_acc~33#1; [2025-03-03 14:26:19,450 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L720-1: isKeyPairValid_#res#1 := isKeyPairValid_~retValue_acc~8#1; [2025-03-03 14:26:19,458 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L852-1: createEmail_#res#1 := createEmail_~retValue_acc~12#1; [2025-03-03 14:26:19,464 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1684: #res := ~retValue_acc~27; [2025-03-03 14:26:19,473 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1133: #res := ~retValue_acc~19; [2025-03-03 14:26:19,507 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1170: #res := ~retValue_acc~20; [2025-03-03 14:26:19,530 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1018: #res := ~retValue_acc~16; [2025-03-03 14:26:19,577 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2010: #res := ~retValue_acc~31; [2025-03-03 14:26:19,774 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2911-1: valid_product_#res#1 := valid_product_~retValue_acc~43#1; [2025-03-03 14:26:19,774 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2402-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~37#1; [2025-03-03 14:26:19,774 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2295-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~36#1; [2025-03-03 14:26:19,775 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L677-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~5#1; [2025-03-03 14:26:19,775 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L686-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~6#1; [2025-03-03 14:26:19,775 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L695-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~7#1; [2025-03-03 14:26:19,875 INFO L? ?]: Removed 443 outVars from TransFormulas that were not future-live. [2025-03-03 14:26:19,875 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:26:19,893 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:26:19,896 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:26:19,896 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:26:19 BoogieIcfgContainer [2025-03-03 14:26:19,897 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:26:19,899 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:26:19,899 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:26:19,902 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:26:19,903 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:26:18" (1/3) ... [2025-03-03 14:26:19,903 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b64a3dd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:26:19, skipping insertion in model container [2025-03-03 14:26:19,903 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:18" (2/3) ... [2025-03-03 14:26:19,903 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b64a3dd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:26:19, skipping insertion in model container [2025-03-03 14:26:19,903 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:26:19" (3/3) ... [2025-03-03 14:26:19,905 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec8_product14.cil.c [2025-03-03 14:26:19,917 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:26:19,920 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec8_product14.cil.c that has 22 procedures, 342 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:26:19,971 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:26:19,981 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@e3bb698, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:26:19,981 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:26:19,987 INFO L276 IsEmpty]: Start isEmpty. Operand has 342 states, 267 states have (on average 1.5842696629213484) internal successors, (423), 272 states have internal predecessors, (423), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (52), 51 states have call predecessors, (52), 52 states have call successors, (52) [2025-03-03 14:26:20,001 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2025-03-03 14:26:20,001 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:20,002 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:20,002 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:20,006 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:20,006 INFO L85 PathProgramCache]: Analyzing trace with hash -1067318514, now seen corresponding path program 1 times [2025-03-03 14:26:20,011 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:20,011 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1009338822] [2025-03-03 14:26:20,012 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:20,012 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:20,123 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 98 statements into 1 equivalence classes. [2025-03-03 14:26:20,182 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 98 of 98 statements. [2025-03-03 14:26:20,186 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:20,186 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:20,607 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:26:20,607 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:20,607 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1009338822] [2025-03-03 14:26:20,608 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1009338822] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:20,608 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [25840401] [2025-03-03 14:26:20,608 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:20,608 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:20,608 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:20,613 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:20,614 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:26:20,766 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 98 statements into 1 equivalence classes. [2025-03-03 14:26:20,888 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 98 of 98 statements. [2025-03-03 14:26:20,888 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:20,888 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:20,893 INFO L256 TraceCheckSpWp]: Trace formula consists of 955 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:26:20,899 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:20,916 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:26:20,917 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:20,917 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [25840401] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:20,917 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:20,918 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:26:20,919 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1913205544] [2025-03-03 14:26:20,920 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:20,923 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:26:20,923 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:20,937 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:26:20,938 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:20,941 INFO L87 Difference]: Start difference. First operand has 342 states, 267 states have (on average 1.5842696629213484) internal successors, (423), 272 states have internal predecessors, (423), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (52), 51 states have call predecessors, (52), 52 states have call successors, (52) Second operand has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:20,993 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:20,995 INFO L93 Difference]: Finished difference Result 497 states and 754 transitions. [2025-03-03 14:26:20,996 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:26:20,997 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 98 [2025-03-03 14:26:20,997 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:21,011 INFO L225 Difference]: With dead ends: 497 [2025-03-03 14:26:21,011 INFO L226 Difference]: Without dead ends: 335 [2025-03-03 14:26:21,016 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 102 GetRequests, 99 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:21,019 INFO L435 NwaCegarLoop]: 524 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 524 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:21,021 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 524 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:21,034 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 335 states. [2025-03-03 14:26:21,071 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 335 to 335. [2025-03-03 14:26:21,072 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 335 states, 261 states have (on average 1.582375478927203) internal successors, (413), 265 states have internal predecessors, (413), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (51), 50 states have call predecessors, (51), 51 states have call successors, (51) [2025-03-03 14:26:21,077 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 335 states to 335 states and 516 transitions. [2025-03-03 14:26:21,079 INFO L78 Accepts]: Start accepts. Automaton has 335 states and 516 transitions. Word has length 98 [2025-03-03 14:26:21,080 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:21,080 INFO L471 AbstractCegarLoop]: Abstraction has 335 states and 516 transitions. [2025-03-03 14:26:21,080 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:21,080 INFO L276 IsEmpty]: Start isEmpty. Operand 335 states and 516 transitions. [2025-03-03 14:26:21,085 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 100 [2025-03-03 14:26:21,085 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:21,086 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:21,093 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-03 14:26:21,286 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:26:21,286 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:21,287 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:21,287 INFO L85 PathProgramCache]: Analyzing trace with hash 669717410, now seen corresponding path program 1 times [2025-03-03 14:26:21,287 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:21,287 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [372872812] [2025-03-03 14:26:21,287 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:21,287 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:21,307 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 99 statements into 1 equivalence classes. [2025-03-03 14:26:21,318 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 99 of 99 statements. [2025-03-03 14:26:21,318 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:21,318 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:21,503 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:26:21,505 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:21,505 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [372872812] [2025-03-03 14:26:21,506 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [372872812] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:21,506 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [440529032] [2025-03-03 14:26:21,506 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:21,506 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:21,506 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:21,509 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:21,511 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:26:21,639 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 99 statements into 1 equivalence classes. [2025-03-03 14:26:21,745 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 99 of 99 statements. [2025-03-03 14:26:21,745 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:21,745 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:21,749 INFO L256 TraceCheckSpWp]: Trace formula consists of 956 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:26:21,756 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:21,789 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:26:21,789 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:21,789 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [440529032] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:21,789 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:21,789 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:26:21,789 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [632553713] [2025-03-03 14:26:21,789 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:21,790 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:21,790 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:21,791 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:21,791 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:21,791 INFO L87 Difference]: Start difference. First operand 335 states and 516 transitions. Second operand has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:21,834 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:21,835 INFO L93 Difference]: Finished difference Result 486 states and 732 transitions. [2025-03-03 14:26:21,835 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:21,835 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 99 [2025-03-03 14:26:21,836 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:21,840 INFO L225 Difference]: With dead ends: 486 [2025-03-03 14:26:21,840 INFO L226 Difference]: Without dead ends: 337 [2025-03-03 14:26:21,843 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 103 GetRequests, 99 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:21,843 INFO L435 NwaCegarLoop]: 515 mSDtfsCounter, 0 mSDsluCounter, 513 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1028 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:21,844 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1028 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:21,845 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 337 states. [2025-03-03 14:26:21,865 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 337 to 337. [2025-03-03 14:26:21,868 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 337 states, 263 states have (on average 1.5779467680608366) internal successors, (415), 267 states have internal predecessors, (415), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (51), 50 states have call predecessors, (51), 51 states have call successors, (51) [2025-03-03 14:26:21,873 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 337 states to 337 states and 518 transitions. [2025-03-03 14:26:21,874 INFO L78 Accepts]: Start accepts. Automaton has 337 states and 518 transitions. Word has length 99 [2025-03-03 14:26:21,875 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:21,875 INFO L471 AbstractCegarLoop]: Abstraction has 337 states and 518 transitions. [2025-03-03 14:26:21,876 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:21,876 INFO L276 IsEmpty]: Start isEmpty. Operand 337 states and 518 transitions. [2025-03-03 14:26:21,878 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 105 [2025-03-03 14:26:21,878 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:21,878 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:21,887 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:22,079 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:26:22,080 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:22,080 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:22,080 INFO L85 PathProgramCache]: Analyzing trace with hash -1785472221, now seen corresponding path program 1 times [2025-03-03 14:26:22,080 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:22,080 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1957602536] [2025-03-03 14:26:22,080 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:22,080 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:22,106 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 104 statements into 1 equivalence classes. [2025-03-03 14:26:22,114 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 104 of 104 statements. [2025-03-03 14:26:22,114 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:22,114 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:22,310 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:26:22,312 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:22,312 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1957602536] [2025-03-03 14:26:22,312 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1957602536] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:22,312 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1576402577] [2025-03-03 14:26:22,312 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:22,312 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:22,312 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:22,314 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:22,322 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:26:22,459 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 104 statements into 1 equivalence classes. [2025-03-03 14:26:22,570 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 104 of 104 statements. [2025-03-03 14:26:22,570 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:22,570 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:22,574 INFO L256 TraceCheckSpWp]: Trace formula consists of 968 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:26:22,578 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:22,594 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:26:22,595 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:22,595 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1576402577] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:22,595 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:22,595 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:26:22,595 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1637334063] [2025-03-03 14:26:22,595 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:22,596 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:22,597 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:22,597 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:22,597 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:22,598 INFO L87 Difference]: Start difference. First operand 337 states and 518 transitions. Second operand has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:22,639 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:22,641 INFO L93 Difference]: Finished difference Result 716 states and 1119 transitions. [2025-03-03 14:26:22,641 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:22,642 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 104 [2025-03-03 14:26:22,642 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:22,644 INFO L225 Difference]: With dead ends: 716 [2025-03-03 14:26:22,644 INFO L226 Difference]: Without dead ends: 406 [2025-03-03 14:26:22,646 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 108 GetRequests, 104 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:22,646 INFO L435 NwaCegarLoop]: 533 mSDtfsCounter, 126 mSDsluCounter, 469 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1002 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:22,646 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1002 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:22,648 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 406 states. [2025-03-03 14:26:22,671 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 406 to 398. [2025-03-03 14:26:22,672 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 398 states, 310 states have (on average 1.596774193548387) internal successors, (495), 314 states have internal predecessors, (495), 66 states have call successors, (66), 21 states have call predecessors, (66), 21 states have return successors, (65), 64 states have call predecessors, (65), 65 states have call successors, (65) [2025-03-03 14:26:22,675 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 398 states to 398 states and 626 transitions. [2025-03-03 14:26:22,676 INFO L78 Accepts]: Start accepts. Automaton has 398 states and 626 transitions. Word has length 104 [2025-03-03 14:26:22,678 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:22,678 INFO L471 AbstractCegarLoop]: Abstraction has 398 states and 626 transitions. [2025-03-03 14:26:22,679 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:22,679 INFO L276 IsEmpty]: Start isEmpty. Operand 398 states and 626 transitions. [2025-03-03 14:26:22,681 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 106 [2025-03-03 14:26:22,682 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:22,682 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:22,690 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2025-03-03 14:26:22,887 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:22,887 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:22,888 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:22,888 INFO L85 PathProgramCache]: Analyzing trace with hash 71819901, now seen corresponding path program 1 times [2025-03-03 14:26:22,888 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:22,888 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [64167057] [2025-03-03 14:26:22,888 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:22,888 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:22,906 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 105 statements into 1 equivalence classes. [2025-03-03 14:26:22,911 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 105 of 105 statements. [2025-03-03 14:26:22,911 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:22,912 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:23,037 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:26:23,038 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:23,038 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [64167057] [2025-03-03 14:26:23,038 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [64167057] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:23,038 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [300251829] [2025-03-03 14:26:23,038 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:23,038 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:23,038 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:23,040 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:23,043 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:26:23,156 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 105 statements into 1 equivalence classes. [2025-03-03 14:26:23,243 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 105 of 105 statements. [2025-03-03 14:26:23,244 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:23,244 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:23,247 INFO L256 TraceCheckSpWp]: Trace formula consists of 973 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:26:23,251 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:23,296 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:26:23,296 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:23,296 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [300251829] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:23,296 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:23,296 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:26:23,297 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1099339292] [2025-03-03 14:26:23,297 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:23,297 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:23,297 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:23,298 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:23,298 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:23,298 INFO L87 Difference]: Start difference. First operand 398 states and 626 transitions. Second operand has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:23,366 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:23,366 INFO L93 Difference]: Finished difference Result 787 states and 1242 transitions. [2025-03-03 14:26:23,367 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:23,368 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 105 [2025-03-03 14:26:23,368 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:23,373 INFO L225 Difference]: With dead ends: 787 [2025-03-03 14:26:23,373 INFO L226 Difference]: Without dead ends: 400 [2025-03-03 14:26:23,375 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 109 GetRequests, 103 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:23,375 INFO L435 NwaCegarLoop]: 508 mSDtfsCounter, 2 mSDsluCounter, 1513 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2021 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:23,376 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2021 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:23,376 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 400 states. [2025-03-03 14:26:23,387 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 400 to 400. [2025-03-03 14:26:23,388 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 400 states, 311 states have (on average 1.594855305466238) internal successors, (496), 316 states have internal predecessors, (496), 66 states have call successors, (66), 21 states have call predecessors, (66), 22 states have return successors, (67), 64 states have call predecessors, (67), 65 states have call successors, (67) [2025-03-03 14:26:23,390 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 400 states to 400 states and 629 transitions. [2025-03-03 14:26:23,390 INFO L78 Accepts]: Start accepts. Automaton has 400 states and 629 transitions. Word has length 105 [2025-03-03 14:26:23,391 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:23,391 INFO L471 AbstractCegarLoop]: Abstraction has 400 states and 629 transitions. [2025-03-03 14:26:23,391 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:23,391 INFO L276 IsEmpty]: Start isEmpty. Operand 400 states and 629 transitions. [2025-03-03 14:26:23,393 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2025-03-03 14:26:23,393 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:23,393 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:23,401 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:23,593 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:23,594 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:23,594 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:23,595 INFO L85 PathProgramCache]: Analyzing trace with hash 153595103, now seen corresponding path program 1 times [2025-03-03 14:26:23,595 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:23,595 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [802524470] [2025-03-03 14:26:23,595 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:23,595 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:23,609 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 106 statements into 1 equivalence classes. [2025-03-03 14:26:23,616 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 106 of 106 statements. [2025-03-03 14:26:23,616 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:23,616 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:23,738 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2025-03-03 14:26:23,738 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:23,738 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [802524470] [2025-03-03 14:26:23,739 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [802524470] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:23,739 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [930393387] [2025-03-03 14:26:23,739 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:23,739 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:23,739 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:23,741 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:23,742 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:26:23,861 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 106 statements into 1 equivalence classes. [2025-03-03 14:26:23,952 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 106 of 106 statements. [2025-03-03 14:26:23,952 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:23,952 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:23,956 INFO L256 TraceCheckSpWp]: Trace formula consists of 974 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:26:23,961 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:23,999 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:26:24,000 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:24,000 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [930393387] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:24,000 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:24,000 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:26:24,001 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1508872936] [2025-03-03 14:26:24,001 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:24,001 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:24,001 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:24,001 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:24,001 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:26:24,002 INFO L87 Difference]: Start difference. First operand 400 states and 629 transitions. Second operand has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:24,065 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:24,066 INFO L93 Difference]: Finished difference Result 789 states and 1247 transitions. [2025-03-03 14:26:24,066 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:24,067 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 106 [2025-03-03 14:26:24,067 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:24,069 INFO L225 Difference]: With dead ends: 789 [2025-03-03 14:26:24,069 INFO L226 Difference]: Without dead ends: 402 [2025-03-03 14:26:24,071 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 113 GetRequests, 104 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:26:24,071 INFO L435 NwaCegarLoop]: 506 mSDtfsCounter, 2 mSDsluCounter, 1501 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2007 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:24,072 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2007 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:24,072 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 402 states. [2025-03-03 14:26:24,097 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 402 to 402. [2025-03-03 14:26:24,098 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 402 states, 312 states have (on average 1.5929487179487178) internal successors, (497), 318 states have internal predecessors, (497), 66 states have call successors, (66), 21 states have call predecessors, (66), 23 states have return successors, (72), 64 states have call predecessors, (72), 65 states have call successors, (72) [2025-03-03 14:26:24,101 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 402 states to 402 states and 635 transitions. [2025-03-03 14:26:24,101 INFO L78 Accepts]: Start accepts. Automaton has 402 states and 635 transitions. Word has length 106 [2025-03-03 14:26:24,101 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:24,101 INFO L471 AbstractCegarLoop]: Abstraction has 402 states and 635 transitions. [2025-03-03 14:26:24,102 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:24,102 INFO L276 IsEmpty]: Start isEmpty. Operand 402 states and 635 transitions. [2025-03-03 14:26:24,104 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 108 [2025-03-03 14:26:24,105 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:24,105 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:24,113 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:24,305 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:24,306 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:24,306 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:24,306 INFO L85 PathProgramCache]: Analyzing trace with hash 185383096, now seen corresponding path program 1 times [2025-03-03 14:26:24,307 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:24,307 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2132273695] [2025-03-03 14:26:24,307 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:24,307 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:24,321 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 107 statements into 1 equivalence classes. [2025-03-03 14:26:24,332 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 107 of 107 statements. [2025-03-03 14:26:24,332 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:24,332 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:24,437 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:26:24,438 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:24,438 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2132273695] [2025-03-03 14:26:24,438 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2132273695] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:24,438 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:24,438 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:26:24,438 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2093773163] [2025-03-03 14:26:24,438 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:24,439 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:24,439 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:24,440 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:24,440 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:24,440 INFO L87 Difference]: Start difference. First operand 402 states and 635 transitions. Second operand has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:24,484 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:24,484 INFO L93 Difference]: Finished difference Result 781 states and 1238 transitions. [2025-03-03 14:26:24,485 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:24,485 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 107 [2025-03-03 14:26:24,485 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:24,488 INFO L225 Difference]: With dead ends: 781 [2025-03-03 14:26:24,488 INFO L226 Difference]: Without dead ends: 402 [2025-03-03 14:26:24,490 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:24,492 INFO L435 NwaCegarLoop]: 509 mSDtfsCounter, 2 mSDsluCounter, 1516 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2025 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:24,492 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2025 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:24,494 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 402 states. [2025-03-03 14:26:24,512 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 402 to 402. [2025-03-03 14:26:24,516 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 402 states, 312 states have (on average 1.5929487179487178) internal successors, (497), 318 states have internal predecessors, (497), 66 states have call successors, (66), 21 states have call predecessors, (66), 23 states have return successors, (71), 64 states have call predecessors, (71), 65 states have call successors, (71) [2025-03-03 14:26:24,518 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 402 states to 402 states and 634 transitions. [2025-03-03 14:26:24,520 INFO L78 Accepts]: Start accepts. Automaton has 402 states and 634 transitions. Word has length 107 [2025-03-03 14:26:24,520 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:24,520 INFO L471 AbstractCegarLoop]: Abstraction has 402 states and 634 transitions. [2025-03-03 14:26:24,520 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:24,520 INFO L276 IsEmpty]: Start isEmpty. Operand 402 states and 634 transitions. [2025-03-03 14:26:24,522 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 109 [2025-03-03 14:26:24,522 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:24,523 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:24,523 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:26:24,523 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:24,523 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:24,523 INFO L85 PathProgramCache]: Analyzing trace with hash 1374772540, now seen corresponding path program 2 times [2025-03-03 14:26:24,523 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:24,524 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1069812078] [2025-03-03 14:26:24,524 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:26:24,524 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:24,540 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 108 statements into 2 equivalence classes. [2025-03-03 14:26:24,552 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 108 of 108 statements. [2025-03-03 14:26:24,553 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-03 14:26:24,553 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:24,632 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:26:24,632 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:24,632 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1069812078] [2025-03-03 14:26:24,632 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1069812078] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:24,632 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:24,632 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:26:24,633 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [450440732] [2025-03-03 14:26:24,633 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:24,633 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:24,633 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:24,634 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:24,634 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:24,634 INFO L87 Difference]: Start difference. First operand 402 states and 634 transitions. Second operand has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:24,681 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:24,681 INFO L93 Difference]: Finished difference Result 779 states and 1233 transitions. [2025-03-03 14:26:24,682 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:24,682 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 108 [2025-03-03 14:26:24,682 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:24,685 INFO L225 Difference]: With dead ends: 779 [2025-03-03 14:26:24,685 INFO L226 Difference]: Without dead ends: 402 [2025-03-03 14:26:24,687 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:24,688 INFO L435 NwaCegarLoop]: 507 mSDtfsCounter, 2 mSDsluCounter, 1504 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2011 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:24,689 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2011 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:24,690 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 402 states. [2025-03-03 14:26:24,707 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 402 to 402. [2025-03-03 14:26:24,709 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 402 states, 312 states have (on average 1.5929487179487178) internal successors, (497), 318 states have internal predecessors, (497), 66 states have call successors, (66), 21 states have call predecessors, (66), 23 states have return successors, (70), 64 states have call predecessors, (70), 65 states have call successors, (70) [2025-03-03 14:26:24,711 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 402 states to 402 states and 633 transitions. [2025-03-03 14:26:24,712 INFO L78 Accepts]: Start accepts. Automaton has 402 states and 633 transitions. Word has length 108 [2025-03-03 14:26:24,712 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:24,712 INFO L471 AbstractCegarLoop]: Abstraction has 402 states and 633 transitions. [2025-03-03 14:26:24,713 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:24,713 INFO L276 IsEmpty]: Start isEmpty. Operand 402 states and 633 transitions. [2025-03-03 14:26:24,714 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 110 [2025-03-03 14:26:24,714 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:24,715 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:24,715 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:26:24,715 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:24,715 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:24,716 INFO L85 PathProgramCache]: Analyzing trace with hash -380864265, now seen corresponding path program 3 times [2025-03-03 14:26:24,716 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:24,716 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1804864223] [2025-03-03 14:26:24,716 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2025-03-03 14:26:24,716 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:24,733 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 partitioned 109 statements into 3 equivalence classes. [2025-03-03 14:26:24,743 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) and asserted 97 of 109 statements. [2025-03-03 14:26:24,743 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2025-03-03 14:26:24,743 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:24,838 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:26:24,838 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:24,838 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1804864223] [2025-03-03 14:26:24,838 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1804864223] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:24,838 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:24,838 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:26:24,838 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [824742911] [2025-03-03 14:26:24,840 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:24,842 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:24,842 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:24,843 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:24,843 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:24,843 INFO L87 Difference]: Start difference. First operand 402 states and 633 transitions. Second operand has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:24,895 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:24,895 INFO L93 Difference]: Finished difference Result 781 states and 1239 transitions. [2025-03-03 14:26:24,896 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:24,896 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 109 [2025-03-03 14:26:24,896 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:24,901 INFO L225 Difference]: With dead ends: 781 [2025-03-03 14:26:24,902 INFO L226 Difference]: Without dead ends: 404 [2025-03-03 14:26:24,903 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:24,903 INFO L435 NwaCegarLoop]: 510 mSDtfsCounter, 1 mSDsluCounter, 1512 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2022 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:24,903 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2022 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:24,904 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 404 states. [2025-03-03 14:26:24,916 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 404 to 404. [2025-03-03 14:26:24,917 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 404 states, 313 states have (on average 1.5910543130990416) internal successors, (498), 320 states have internal predecessors, (498), 66 states have call successors, (66), 21 states have call predecessors, (66), 24 states have return successors, (75), 64 states have call predecessors, (75), 65 states have call successors, (75) [2025-03-03 14:26:24,919 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 404 states to 404 states and 639 transitions. [2025-03-03 14:26:24,920 INFO L78 Accepts]: Start accepts. Automaton has 404 states and 639 transitions. Word has length 109 [2025-03-03 14:26:24,920 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:24,920 INFO L471 AbstractCegarLoop]: Abstraction has 404 states and 639 transitions. [2025-03-03 14:26:24,920 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:24,920 INFO L276 IsEmpty]: Start isEmpty. Operand 404 states and 639 transitions. [2025-03-03 14:26:24,922 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2025-03-03 14:26:24,922 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:24,922 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:24,922 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:26:24,922 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:24,923 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:24,923 INFO L85 PathProgramCache]: Analyzing trace with hash -1141124256, now seen corresponding path program 1 times [2025-03-03 14:26:24,923 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:24,923 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [635431881] [2025-03-03 14:26:24,923 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:24,923 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:24,938 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-03-03 14:26:24,945 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-03-03 14:26:24,945 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:24,945 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:25,027 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:26:25,028 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:25,028 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [635431881] [2025-03-03 14:26:25,028 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [635431881] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:25,028 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:25,028 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:26:25,028 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [737980141] [2025-03-03 14:26:25,028 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:25,029 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:25,029 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:25,029 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:25,029 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:25,030 INFO L87 Difference]: Start difference. First operand 404 states and 639 transitions. Second operand has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:25,070 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:25,070 INFO L93 Difference]: Finished difference Result 787 states and 1249 transitions. [2025-03-03 14:26:25,070 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:25,071 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 110 [2025-03-03 14:26:25,071 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:25,074 INFO L225 Difference]: With dead ends: 787 [2025-03-03 14:26:25,074 INFO L226 Difference]: Without dead ends: 406 [2025-03-03 14:26:25,076 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:25,077 INFO L435 NwaCegarLoop]: 510 mSDtfsCounter, 1 mSDsluCounter, 1518 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2028 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:25,077 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2028 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:25,078 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 406 states. [2025-03-03 14:26:25,092 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 406 to 406. [2025-03-03 14:26:25,093 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 406 states, 314 states have (on average 1.589171974522293) internal successors, (499), 322 states have internal predecessors, (499), 66 states have call successors, (66), 21 states have call predecessors, (66), 25 states have return successors, (77), 64 states have call predecessors, (77), 65 states have call successors, (77) [2025-03-03 14:26:25,095 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 406 states to 406 states and 642 transitions. [2025-03-03 14:26:25,096 INFO L78 Accepts]: Start accepts. Automaton has 406 states and 642 transitions. Word has length 110 [2025-03-03 14:26:25,096 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:25,096 INFO L471 AbstractCegarLoop]: Abstraction has 406 states and 642 transitions. [2025-03-03 14:26:25,097 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:25,097 INFO L276 IsEmpty]: Start isEmpty. Operand 406 states and 642 transitions. [2025-03-03 14:26:25,099 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2025-03-03 14:26:25,099 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:25,099 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:25,099 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:26:25,099 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:25,100 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:25,100 INFO L85 PathProgramCache]: Analyzing trace with hash 1423999071, now seen corresponding path program 1 times [2025-03-03 14:26:25,100 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:25,100 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1832590824] [2025-03-03 14:26:25,100 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:25,100 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:25,115 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:26:25,119 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:26:25,119 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:25,119 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:25,189 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:26:25,190 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:25,190 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1832590824] [2025-03-03 14:26:25,190 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1832590824] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:25,191 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:25,191 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:26:25,191 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [476459314] [2025-03-03 14:26:25,191 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:25,191 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:25,191 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:25,192 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:25,192 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:25,192 INFO L87 Difference]: Start difference. First operand 406 states and 642 transitions. Second operand has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:25,240 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:25,241 INFO L93 Difference]: Finished difference Result 787 states and 1252 transitions. [2025-03-03 14:26:25,241 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:25,241 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 111 [2025-03-03 14:26:25,241 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:25,244 INFO L225 Difference]: With dead ends: 787 [2025-03-03 14:26:25,244 INFO L226 Difference]: Without dead ends: 408 [2025-03-03 14:26:25,246 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:25,246 INFO L435 NwaCegarLoop]: 506 mSDtfsCounter, 0 mSDsluCounter, 1501 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1 SdHoareTripleChecker+Valid, 2007 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:25,246 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1 Valid, 2007 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:25,247 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 408 states. [2025-03-03 14:26:25,256 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 408 to 406. [2025-03-03 14:26:25,257 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 406 states, 314 states have (on average 1.589171974522293) internal successors, (499), 322 states have internal predecessors, (499), 66 states have call successors, (66), 21 states have call predecessors, (66), 25 states have return successors, (77), 64 states have call predecessors, (77), 65 states have call successors, (77) [2025-03-03 14:26:25,259 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 406 states to 406 states and 642 transitions. [2025-03-03 14:26:25,260 INFO L78 Accepts]: Start accepts. Automaton has 406 states and 642 transitions. Word has length 111 [2025-03-03 14:26:25,260 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:25,260 INFO L471 AbstractCegarLoop]: Abstraction has 406 states and 642 transitions. [2025-03-03 14:26:25,260 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:26:25,260 INFO L276 IsEmpty]: Start isEmpty. Operand 406 states and 642 transitions. [2025-03-03 14:26:25,262 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2025-03-03 14:26:25,262 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:25,262 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:25,262 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2025-03-03 14:26:25,262 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:25,263 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:25,263 INFO L85 PathProgramCache]: Analyzing trace with hash 2032075934, now seen corresponding path program 1 times [2025-03-03 14:26:25,263 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:25,263 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [769328670] [2025-03-03 14:26:25,264 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:25,264 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:25,277 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:26:25,282 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:26:25,283 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:25,283 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:25,372 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:25,372 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:25,372 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [769328670] [2025-03-03 14:26:25,373 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [769328670] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:25,373 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2036617464] [2025-03-03 14:26:25,373 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:25,373 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:25,373 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:25,375 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:25,376 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:26:25,499 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:26:25,584 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:26:25,584 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:25,584 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:25,588 INFO L256 TraceCheckSpWp]: Trace formula consists of 979 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:26:25,590 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:25,611 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:25,611 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:26:25,676 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:25,676 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2036617464] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:26:25,676 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:26:25,676 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-03 14:26:25,677 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [655952265] [2025-03-03 14:26:25,677 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:26:25,677 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-03 14:26:25,677 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:25,677 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-03 14:26:25,678 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:26:25,678 INFO L87 Difference]: Start difference. First operand 406 states and 642 transitions. Second operand has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:26:25,823 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:25,823 INFO L93 Difference]: Finished difference Result 967 states and 1584 transitions. [2025-03-03 14:26:25,823 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:26:25,824 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 111 [2025-03-03 14:26:25,824 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:25,828 INFO L225 Difference]: With dead ends: 967 [2025-03-03 14:26:25,828 INFO L226 Difference]: Without dead ends: 818 [2025-03-03 14:26:25,829 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 224 GetRequests, 219 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:26:25,829 INFO L435 NwaCegarLoop]: 554 mSDtfsCounter, 372 mSDsluCounter, 2745 mSDsCounter, 0 mSdLazyCounter, 121 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 426 SdHoareTripleChecker+Valid, 3299 SdHoareTripleChecker+Invalid, 122 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 121 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:25,830 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [426 Valid, 3299 Invalid, 122 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 121 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:26:25,830 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 818 states. [2025-03-03 14:26:25,853 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 818 to 794. [2025-03-03 14:26:25,854 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 794 states, 623 states have (on average 1.6484751203852328) internal successors, (1027), 631 states have internal predecessors, (1027), 145 states have call successors, (145), 21 states have call predecessors, (145), 25 states have return successors, (166), 143 states have call predecessors, (166), 144 states have call successors, (166) [2025-03-03 14:26:25,858 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 794 states to 794 states and 1338 transitions. [2025-03-03 14:26:25,859 INFO L78 Accepts]: Start accepts. Automaton has 794 states and 1338 transitions. Word has length 111 [2025-03-03 14:26:25,859 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:25,859 INFO L471 AbstractCegarLoop]: Abstraction has 794 states and 1338 transitions. [2025-03-03 14:26:25,859 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:26:25,859 INFO L276 IsEmpty]: Start isEmpty. Operand 794 states and 1338 transitions. [2025-03-03 14:26:25,863 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 118 [2025-03-03 14:26:25,863 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:25,863 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:25,870 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:26,063 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:26,064 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:26,064 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:26,064 INFO L85 PathProgramCache]: Analyzing trace with hash 1092391294, now seen corresponding path program 1 times [2025-03-03 14:26:26,064 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:26,064 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1985755497] [2025-03-03 14:26:26,064 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:26,064 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:26,077 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 117 statements into 1 equivalence classes. [2025-03-03 14:26:26,084 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 117 of 117 statements. [2025-03-03 14:26:26,084 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:26,084 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:26,113 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:26,114 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:26,114 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1985755497] [2025-03-03 14:26:26,114 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1985755497] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:26,114 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:26,114 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:26,114 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2071314236] [2025-03-03 14:26:26,114 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:26,114 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:26,115 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:26,115 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:26,115 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:26,115 INFO L87 Difference]: Start difference. First operand 794 states and 1338 transitions. Second operand has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:26,152 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:26,152 INFO L93 Difference]: Finished difference Result 1915 states and 3270 transitions. [2025-03-03 14:26:26,153 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:26,153 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 117 [2025-03-03 14:26:26,153 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:26,160 INFO L225 Difference]: With dead ends: 1915 [2025-03-03 14:26:26,161 INFO L226 Difference]: Without dead ends: 1187 [2025-03-03 14:26:26,163 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:26,164 INFO L435 NwaCegarLoop]: 533 mSDtfsCounter, 124 mSDsluCounter, 514 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1047 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:26,164 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1047 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:26,165 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1187 states. [2025-03-03 14:26:26,198 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1187 to 1179. [2025-03-03 14:26:26,200 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1179 states, 929 states have (on average 1.659849300322928) internal successors, (1542), 937 states have internal predecessors, (1542), 224 states have call successors, (224), 21 states have call predecessors, (224), 25 states have return successors, (255), 222 states have call predecessors, (255), 223 states have call successors, (255) [2025-03-03 14:26:26,206 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1179 states to 1179 states and 2021 transitions. [2025-03-03 14:26:26,207 INFO L78 Accepts]: Start accepts. Automaton has 1179 states and 2021 transitions. Word has length 117 [2025-03-03 14:26:26,207 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:26,207 INFO L471 AbstractCegarLoop]: Abstraction has 1179 states and 2021 transitions. [2025-03-03 14:26:26,207 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:26,208 INFO L276 IsEmpty]: Start isEmpty. Operand 1179 states and 2021 transitions. [2025-03-03 14:26:26,213 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2025-03-03 14:26:26,213 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:26,214 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:26,214 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-03 14:26:26,214 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:26,215 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:26,215 INFO L85 PathProgramCache]: Analyzing trace with hash -1667348221, now seen corresponding path program 1 times [2025-03-03 14:26:26,215 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:26,215 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [113272057] [2025-03-03 14:26:26,215 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:26,215 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:26,242 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-03 14:26:26,248 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-03 14:26:26,248 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:26,248 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:26,278 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:26,278 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:26,278 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [113272057] [2025-03-03 14:26:26,278 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [113272057] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:26,279 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:26,279 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:26,279 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [400606681] [2025-03-03 14:26:26,279 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:26,279 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:26,279 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:26,279 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:26,279 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:26,280 INFO L87 Difference]: Start difference. First operand 1179 states and 2021 transitions. Second operand has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:26,329 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:26,329 INFO L93 Difference]: Finished difference Result 2853 states and 4917 transitions. [2025-03-03 14:26:26,329 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:26,330 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 118 [2025-03-03 14:26:26,330 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:26,340 INFO L225 Difference]: With dead ends: 2853 [2025-03-03 14:26:26,340 INFO L226 Difference]: Without dead ends: 1791 [2025-03-03 14:26:26,345 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:26,345 INFO L435 NwaCegarLoop]: 522 mSDtfsCounter, 122 mSDsluCounter, 510 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1032 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:26,346 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1032 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:26,347 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1791 states. [2025-03-03 14:26:26,403 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1791 to 1783. [2025-03-03 14:26:26,406 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1783 states, 1414 states have (on average 1.666902404526167) internal successors, (2357), 1422 states have internal predecessors, (2357), 343 states have call successors, (343), 21 states have call predecessors, (343), 25 states have return successors, (374), 341 states have call predecessors, (374), 342 states have call successors, (374) [2025-03-03 14:26:26,415 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1783 states to 1783 states and 3074 transitions. [2025-03-03 14:26:26,416 INFO L78 Accepts]: Start accepts. Automaton has 1783 states and 3074 transitions. Word has length 118 [2025-03-03 14:26:26,417 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:26,417 INFO L471 AbstractCegarLoop]: Abstraction has 1783 states and 3074 transitions. [2025-03-03 14:26:26,417 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:26,417 INFO L276 IsEmpty]: Start isEmpty. Operand 1783 states and 3074 transitions. [2025-03-03 14:26:26,425 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 120 [2025-03-03 14:26:26,426 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:26,426 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:26,426 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-03 14:26:26,426 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:26,426 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:26,426 INFO L85 PathProgramCache]: Analyzing trace with hash -255638307, now seen corresponding path program 1 times [2025-03-03 14:26:26,426 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:26,426 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [818080481] [2025-03-03 14:26:26,427 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:26,427 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:26,442 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 119 statements into 1 equivalence classes. [2025-03-03 14:26:26,447 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 119 of 119 statements. [2025-03-03 14:26:26,448 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:26,448 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:26,473 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:26,474 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:26,474 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [818080481] [2025-03-03 14:26:26,474 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [818080481] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:26,474 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:26,474 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:26,474 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1473386556] [2025-03-03 14:26:26,474 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:26,474 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:26,474 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:26,474 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:26,474 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:26,475 INFO L87 Difference]: Start difference. First operand 1783 states and 3074 transitions. Second operand has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:26,538 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:26,538 INFO L93 Difference]: Finished difference Result 4260 states and 7399 transitions. [2025-03-03 14:26:26,538 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:26,538 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 119 [2025-03-03 14:26:26,539 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:26,553 INFO L225 Difference]: With dead ends: 4260 [2025-03-03 14:26:26,553 INFO L226 Difference]: Without dead ends: 2716 [2025-03-03 14:26:26,559 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:26,560 INFO L435 NwaCegarLoop]: 515 mSDtfsCounter, 120 mSDsluCounter, 506 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1021 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:26,560 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1021 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:26,563 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2716 states. [2025-03-03 14:26:26,677 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2716 to 2708. [2025-03-03 14:26:26,682 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2708 states, 2177 states have (on average 1.6729444189251264) internal successors, (3642), 2185 states have internal predecessors, (3642), 505 states have call successors, (505), 21 states have call predecessors, (505), 25 states have return successors, (552), 503 states have call predecessors, (552), 504 states have call successors, (552) [2025-03-03 14:26:26,697 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2708 states to 2708 states and 4699 transitions. [2025-03-03 14:26:26,699 INFO L78 Accepts]: Start accepts. Automaton has 2708 states and 4699 transitions. Word has length 119 [2025-03-03 14:26:26,699 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:26,699 INFO L471 AbstractCegarLoop]: Abstraction has 2708 states and 4699 transitions. [2025-03-03 14:26:26,699 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:26,699 INFO L276 IsEmpty]: Start isEmpty. Operand 2708 states and 4699 transitions. [2025-03-03 14:26:26,711 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 121 [2025-03-03 14:26:26,712 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:26,712 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:26,712 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:26:26,712 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:26,712 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:26,712 INFO L85 PathProgramCache]: Analyzing trace with hash 802187076, now seen corresponding path program 1 times [2025-03-03 14:26:26,712 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:26,713 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [571438038] [2025-03-03 14:26:26,713 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:26,713 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:26,729 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 120 statements into 1 equivalence classes. [2025-03-03 14:26:26,736 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 120 of 120 statements. [2025-03-03 14:26:26,737 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:26,737 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:26,773 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:26,773 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:26,773 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [571438038] [2025-03-03 14:26:26,773 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [571438038] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:26,773 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:26,773 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:26,773 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [304553057] [2025-03-03 14:26:26,773 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:26,774 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:26,774 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:26,774 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:26,774 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:26,774 INFO L87 Difference]: Start difference. First operand 2708 states and 4699 transitions. Second operand has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:26,878 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:26,878 INFO L93 Difference]: Finished difference Result 6478 states and 11320 transitions. [2025-03-03 14:26:26,878 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:26,879 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 120 [2025-03-03 14:26:26,879 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:26,902 INFO L225 Difference]: With dead ends: 6478 [2025-03-03 14:26:26,902 INFO L226 Difference]: Without dead ends: 4209 [2025-03-03 14:26:26,913 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:26,913 INFO L435 NwaCegarLoop]: 515 mSDtfsCounter, 118 mSDsluCounter, 506 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1021 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:26,914 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1021 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:26,917 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4209 states. [2025-03-03 14:26:27,122 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4209 to 4201. [2025-03-03 14:26:27,129 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4201 states, 3425 states have (on average 1.6773722627737226) internal successors, (5745), 3433 states have internal predecessors, (5745), 750 states have call successors, (750), 21 states have call predecessors, (750), 25 states have return successors, (823), 748 states have call predecessors, (823), 749 states have call successors, (823) [2025-03-03 14:26:27,149 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4201 states to 4201 states and 7318 transitions. [2025-03-03 14:26:27,151 INFO L78 Accepts]: Start accepts. Automaton has 4201 states and 7318 transitions. Word has length 120 [2025-03-03 14:26:27,152 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:27,152 INFO L471 AbstractCegarLoop]: Abstraction has 4201 states and 7318 transitions. [2025-03-03 14:26:27,152 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:27,152 INFO L276 IsEmpty]: Start isEmpty. Operand 4201 states and 7318 transitions. [2025-03-03 14:26:27,166 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2025-03-03 14:26:27,166 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:27,167 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:27,167 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:26:27,167 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:27,167 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:27,167 INFO L85 PathProgramCache]: Analyzing trace with hash 1866940764, now seen corresponding path program 1 times [2025-03-03 14:26:27,167 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:27,168 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [942616341] [2025-03-03 14:26:27,168 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:27,168 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:27,181 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 121 statements into 1 equivalence classes. [2025-03-03 14:26:27,187 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 121 of 121 statements. [2025-03-03 14:26:27,187 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:27,187 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:27,214 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:27,214 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:27,214 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [942616341] [2025-03-03 14:26:27,214 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [942616341] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:27,214 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:27,214 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:27,214 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1818531847] [2025-03-03 14:26:27,215 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:27,215 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:27,215 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:27,216 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:27,216 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:27,216 INFO L87 Difference]: Start difference. First operand 4201 states and 7318 transitions. Second operand has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:27,366 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:27,367 INFO L93 Difference]: Finished difference Result 10438 states and 18276 transitions. [2025-03-03 14:26:27,367 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:27,367 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 121 [2025-03-03 14:26:27,368 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:27,407 INFO L225 Difference]: With dead ends: 10438 [2025-03-03 14:26:27,407 INFO L226 Difference]: Without dead ends: 6903 [2025-03-03 14:26:27,423 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:27,424 INFO L435 NwaCegarLoop]: 527 mSDtfsCounter, 116 mSDsluCounter, 512 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1039 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:27,424 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1039 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:27,430 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 6903 states. [2025-03-03 14:26:27,710 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 6903 to 6895. [2025-03-03 14:26:27,723 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6895 states, 5626 states have (on average 1.6727692854603626) internal successors, (9411), 5634 states have internal predecessors, (9411), 1243 states have call successors, (1243), 21 states have call predecessors, (1243), 25 states have return successors, (1360), 1241 states have call predecessors, (1360), 1242 states have call successors, (1360) [2025-03-03 14:26:27,755 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6895 states to 6895 states and 12014 transitions. [2025-03-03 14:26:27,759 INFO L78 Accepts]: Start accepts. Automaton has 6895 states and 12014 transitions. Word has length 121 [2025-03-03 14:26:27,759 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:27,759 INFO L471 AbstractCegarLoop]: Abstraction has 6895 states and 12014 transitions. [2025-03-03 14:26:27,760 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:27,760 INFO L276 IsEmpty]: Start isEmpty. Operand 6895 states and 12014 transitions. [2025-03-03 14:26:27,782 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 123 [2025-03-03 14:26:27,782 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:27,782 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:27,782 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:26:27,783 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:27,783 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:27,783 INFO L85 PathProgramCache]: Analyzing trace with hash -134581051, now seen corresponding path program 1 times [2025-03-03 14:26:27,783 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:27,783 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1126790427] [2025-03-03 14:26:27,783 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:27,783 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:27,796 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 122 statements into 1 equivalence classes. [2025-03-03 14:26:27,803 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 122 of 122 statements. [2025-03-03 14:26:27,803 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:27,803 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:27,826 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:27,826 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:27,826 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1126790427] [2025-03-03 14:26:27,826 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1126790427] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:27,826 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:27,826 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:27,826 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [230420098] [2025-03-03 14:26:27,826 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:27,827 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:27,827 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:27,827 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:27,827 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:27,828 INFO L87 Difference]: Start difference. First operand 6895 states and 12014 transitions. Second operand has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:28,070 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:28,071 INFO L93 Difference]: Finished difference Result 17473 states and 30632 transitions. [2025-03-03 14:26:28,071 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:28,071 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 122 [2025-03-03 14:26:28,071 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:28,119 INFO L225 Difference]: With dead ends: 17473 [2025-03-03 14:26:28,119 INFO L226 Difference]: Without dead ends: 11615 [2025-03-03 14:26:28,172 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:28,173 INFO L435 NwaCegarLoop]: 522 mSDtfsCounter, 114 mSDsluCounter, 510 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 132 SdHoareTripleChecker+Valid, 1032 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:28,173 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [132 Valid, 1032 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:28,179 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11615 states. [2025-03-03 14:26:28,650 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11615 to 11607. [2025-03-03 14:26:28,668 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11607 states, 9516 states have (on average 1.6726565783942833) internal successors, (15917), 9524 states have internal predecessors, (15917), 2065 states have call successors, (2065), 21 states have call predecessors, (2065), 25 states have return successors, (2260), 2063 states have call predecessors, (2260), 2064 states have call successors, (2260) [2025-03-03 14:26:28,722 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11607 states to 11607 states and 20242 transitions. [2025-03-03 14:26:28,728 INFO L78 Accepts]: Start accepts. Automaton has 11607 states and 20242 transitions. Word has length 122 [2025-03-03 14:26:28,729 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:28,729 INFO L471 AbstractCegarLoop]: Abstraction has 11607 states and 20242 transitions. [2025-03-03 14:26:28,729 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:28,729 INFO L276 IsEmpty]: Start isEmpty. Operand 11607 states and 20242 transitions. [2025-03-03 14:26:28,756 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2025-03-03 14:26:28,756 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:28,756 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:28,757 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:26:28,757 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:28,757 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:28,758 INFO L85 PathProgramCache]: Analyzing trace with hash -344410757, now seen corresponding path program 1 times [2025-03-03 14:26:28,758 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:28,758 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [979504801] [2025-03-03 14:26:28,758 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:28,758 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:28,774 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 123 statements into 1 equivalence classes. [2025-03-03 14:26:28,780 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 123 of 123 statements. [2025-03-03 14:26:28,781 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:28,781 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:28,811 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:28,812 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:28,812 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [979504801] [2025-03-03 14:26:28,812 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [979504801] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:28,812 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:28,812 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:28,812 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [780638369] [2025-03-03 14:26:28,812 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:28,813 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:28,813 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:28,813 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:28,813 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:28,814 INFO L87 Difference]: Start difference. First operand 11607 states and 20242 transitions. Second operand has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:29,199 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:29,200 INFO L93 Difference]: Finished difference Result 27704 states and 48274 transitions. [2025-03-03 14:26:29,200 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:29,200 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 123 [2025-03-03 14:26:29,200 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:29,274 INFO L225 Difference]: With dead ends: 27704 [2025-03-03 14:26:29,274 INFO L226 Difference]: Without dead ends: 18071 [2025-03-03 14:26:29,312 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:29,313 INFO L435 NwaCegarLoop]: 524 mSDtfsCounter, 112 mSDsluCounter, 482 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 1006 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:29,313 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 1006 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:29,327 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 18071 states. [2025-03-03 14:26:29,897 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 18071 to 18063. [2025-03-03 14:26:29,926 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 18063 states, 14769 states have (on average 1.6484528404089647) internal successors, (24346), 14777 states have internal predecessors, (24346), 3268 states have call successors, (3268), 21 states have call predecessors, (3268), 25 states have return successors, (3607), 3266 states have call predecessors, (3607), 3267 states have call successors, (3607) [2025-03-03 14:26:29,988 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18063 states to 18063 states and 31221 transitions. [2025-03-03 14:26:29,996 INFO L78 Accepts]: Start accepts. Automaton has 18063 states and 31221 transitions. Word has length 123 [2025-03-03 14:26:29,996 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:29,996 INFO L471 AbstractCegarLoop]: Abstraction has 18063 states and 31221 transitions. [2025-03-03 14:26:29,997 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:29,997 INFO L276 IsEmpty]: Start isEmpty. Operand 18063 states and 31221 transitions. [2025-03-03 14:26:30,025 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 125 [2025-03-03 14:26:30,025 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:30,025 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:30,026 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:26:30,026 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:30,026 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:30,027 INFO L85 PathProgramCache]: Analyzing trace with hash 2110347014, now seen corresponding path program 1 times [2025-03-03 14:26:30,027 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:30,027 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1255032667] [2025-03-03 14:26:30,027 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:30,027 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:30,040 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 124 statements into 1 equivalence classes. [2025-03-03 14:26:30,047 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 124 of 124 statements. [2025-03-03 14:26:30,047 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:30,047 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:30,173 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:30,174 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:30,174 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1255032667] [2025-03-03 14:26:30,174 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1255032667] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:30,174 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:30,174 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:30,174 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1329654997] [2025-03-03 14:26:30,174 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:30,175 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:30,175 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:30,175 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:30,175 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:30,175 INFO L87 Difference]: Start difference. First operand 18063 states and 31221 transitions. Second operand has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:30,828 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:30,828 INFO L93 Difference]: Finished difference Result 47731 states and 82843 transitions. [2025-03-03 14:26:30,828 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:30,829 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 124 [2025-03-03 14:26:30,829 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:30,968 INFO L225 Difference]: With dead ends: 47731 [2025-03-03 14:26:30,968 INFO L226 Difference]: Without dead ends: 32241 [2025-03-03 14:26:31,026 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:31,027 INFO L435 NwaCegarLoop]: 515 mSDtfsCounter, 110 mSDsluCounter, 509 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1024 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:31,027 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1024 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:31,055 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 32241 states. [2025-03-03 14:26:32,172 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 32241 to 32233. [2025-03-03 14:26:32,221 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 32233 states, 26489 states have (on average 1.6454754803880856) internal successors, (43587), 26497 states have internal predecessors, (43587), 5718 states have call successors, (5718), 21 states have call predecessors, (5718), 25 states have return successors, (6331), 5716 states have call predecessors, (6331), 5717 states have call successors, (6331) [2025-03-03 14:26:32,340 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 32233 states to 32233 states and 55636 transitions. [2025-03-03 14:26:32,356 INFO L78 Accepts]: Start accepts. Automaton has 32233 states and 55636 transitions. Word has length 124 [2025-03-03 14:26:32,357 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:32,357 INFO L471 AbstractCegarLoop]: Abstraction has 32233 states and 55636 transitions. [2025-03-03 14:26:32,357 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:32,357 INFO L276 IsEmpty]: Start isEmpty. Operand 32233 states and 55636 transitions. [2025-03-03 14:26:32,386 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 126 [2025-03-03 14:26:32,386 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:32,386 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:32,387 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:26:32,387 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:32,387 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:32,387 INFO L85 PathProgramCache]: Analyzing trace with hash -55895878, now seen corresponding path program 1 times [2025-03-03 14:26:32,387 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:32,388 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1693294486] [2025-03-03 14:26:32,388 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:32,388 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:32,403 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 125 statements into 1 equivalence classes. [2025-03-03 14:26:32,409 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 125 of 125 statements. [2025-03-03 14:26:32,410 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:32,410 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:32,437 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:32,438 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:32,438 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1693294486] [2025-03-03 14:26:32,438 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1693294486] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:32,438 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:32,438 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:32,438 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1655302533] [2025-03-03 14:26:32,438 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:32,438 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:32,439 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:32,439 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:32,439 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:32,439 INFO L87 Difference]: Start difference. First operand 32233 states and 55636 transitions. Second operand has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:33,696 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:33,696 INFO L93 Difference]: Finished difference Result 87848 states and 152165 transitions. [2025-03-03 14:26:33,697 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:33,697 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 125 [2025-03-03 14:26:33,697 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:33,943 INFO L225 Difference]: With dead ends: 87848 [2025-03-03 14:26:33,943 INFO L226 Difference]: Without dead ends: 59055 [2025-03-03 14:26:34,004 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:34,007 INFO L435 NwaCegarLoop]: 523 mSDtfsCounter, 108 mSDsluCounter, 510 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 1033 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:34,007 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 1033 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:34,048 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59055 states. [2025-03-03 14:26:35,963 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59055 to 59047. [2025-03-03 14:26:36,045 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59047 states, 48790 states have (on average 1.6414634146341462) internal successors, (80087), 48798 states have internal predecessors, (80087), 10231 states have call successors, (10231), 21 states have call predecessors, (10231), 25 states have return successors, (11376), 10229 states have call predecessors, (11376), 10230 states have call successors, (11376) [2025-03-03 14:26:36,233 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59047 states to 59047 states and 101694 transitions. [2025-03-03 14:26:36,258 INFO L78 Accepts]: Start accepts. Automaton has 59047 states and 101694 transitions. Word has length 125 [2025-03-03 14:26:36,258 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:36,258 INFO L471 AbstractCegarLoop]: Abstraction has 59047 states and 101694 transitions. [2025-03-03 14:26:36,258 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:36,258 INFO L276 IsEmpty]: Start isEmpty. Operand 59047 states and 101694 transitions. [2025-03-03 14:26:36,287 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 127 [2025-03-03 14:26:36,288 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:36,288 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:36,288 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:26:36,288 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:36,288 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:36,289 INFO L85 PathProgramCache]: Analyzing trace with hash -700374553, now seen corresponding path program 1 times [2025-03-03 14:26:36,289 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:36,289 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1587388990] [2025-03-03 14:26:36,289 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:36,289 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:36,302 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 126 statements into 1 equivalence classes. [2025-03-03 14:26:36,310 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 126 of 126 statements. [2025-03-03 14:26:36,311 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:36,311 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:36,343 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:36,343 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:36,344 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1587388990] [2025-03-03 14:26:36,344 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1587388990] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:36,344 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:36,344 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:36,344 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2076941066] [2025-03-03 14:26:36,344 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:36,344 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:36,344 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:36,345 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:36,345 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:36,345 INFO L87 Difference]: Start difference. First operand 59047 states and 101694 transitions. Second operand has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:38,349 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:38,349 INFO L93 Difference]: Finished difference Result 110429 states and 190664 transitions. [2025-03-03 14:26:38,350 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:38,350 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 126 [2025-03-03 14:26:38,350 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:38,848 INFO L225 Difference]: With dead ends: 110429 [2025-03-03 14:26:38,849 INFO L226 Difference]: Without dead ends: 110280 [2025-03-03 14:26:38,894 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:38,896 INFO L435 NwaCegarLoop]: 524 mSDtfsCounter, 103 mSDsluCounter, 514 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 1038 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:38,896 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 1038 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:38,975 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 110280 states. [2025-03-03 14:26:41,602 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 110280 to 110272. [2025-03-03 14:26:41,730 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110272 states, 91647 states have (on average 1.6362892402369964) internal successors, (149961), 91655 states have internal predecessors, (149961), 18599 states have call successors, (18599), 21 states have call predecessors, (18599), 25 states have return successors, (20790), 18597 states have call predecessors, (20790), 18598 states have call successors, (20790) [2025-03-03 14:26:42,185 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110272 states to 110272 states and 189350 transitions. [2025-03-03 14:26:42,231 INFO L78 Accepts]: Start accepts. Automaton has 110272 states and 189350 transitions. Word has length 126 [2025-03-03 14:26:42,232 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:42,232 INFO L471 AbstractCegarLoop]: Abstraction has 110272 states and 189350 transitions. [2025-03-03 14:26:42,232 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:26:42,232 INFO L276 IsEmpty]: Start isEmpty. Operand 110272 states and 189350 transitions. [2025-03-03 14:26:42,271 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 128 [2025-03-03 14:26:42,271 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:42,271 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:42,271 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-03 14:26:42,272 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:42,272 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:42,272 INFO L85 PathProgramCache]: Analyzing trace with hash 236966841, now seen corresponding path program 1 times [2025-03-03 14:26:42,272 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:42,272 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1494358446] [2025-03-03 14:26:42,272 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:42,272 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:42,288 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-03-03 14:26:42,298 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-03-03 14:26:42,298 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:42,299 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:42,546 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:42,546 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:42,546 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1494358446] [2025-03-03 14:26:42,546 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1494358446] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:42,547 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:42,547 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12] imperfect sequences [] total 12 [2025-03-03 14:26:42,547 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [265740432] [2025-03-03 14:26:42,547 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:42,548 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2025-03-03 14:26:42,548 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:42,548 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2025-03-03 14:26:42,548 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=111, Unknown=0, NotChecked=0, Total=132 [2025-03-03 14:26:42,548 INFO L87 Difference]: Start difference. First operand 110272 states and 189350 transitions. Second operand has 12 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 5 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (12), 6 states have call predecessors, (12), 5 states have call successors, (12) [2025-03-03 14:26:48,073 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:48,073 INFO L93 Difference]: Finished difference Result 219688 states and 382708 transitions. [2025-03-03 14:26:48,076 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2025-03-03 14:26:48,077 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 5 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (12), 6 states have call predecessors, (12), 5 states have call successors, (12) Word has length 127 [2025-03-03 14:26:48,077 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:49,115 INFO L225 Difference]: With dead ends: 219688 [2025-03-03 14:26:49,115 INFO L226 Difference]: Without dead ends: 219545 [2025-03-03 14:26:49,202 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 69 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=125, Invalid=525, Unknown=0, NotChecked=0, Total=650 [2025-03-03 14:26:49,203 INFO L435 NwaCegarLoop]: 608 mSDtfsCounter, 1280 mSDsluCounter, 5204 mSDsCounter, 0 mSdLazyCounter, 972 mSolverCounterSat, 353 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1280 SdHoareTripleChecker+Valid, 5812 SdHoareTripleChecker+Invalid, 1325 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 353 IncrementalHoareTripleChecker+Valid, 972 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:49,203 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1280 Valid, 5812 Invalid, 1325 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [353 Valid, 972 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2025-03-03 14:26:49,334 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 219545 states.