./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec9_product29.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec9_product29.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e2402328b10acba07d45e1b6bd18216e1645c73446d4739f1dc37852ed64162e --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:27:44,346 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:27:44,402 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:27:44,407 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:27:44,408 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:27:44,428 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:27:44,428 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:27:44,429 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:27:44,429 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:27:44,429 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:27:44,429 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:27:44,429 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:27:44,429 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:27:44,429 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:27:44,429 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:27:44,429 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:27:44,429 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:27:44,429 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:27:44,429 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:27:44,430 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:27:44,430 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:27:44,430 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:27:44,431 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:27:44,431 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:27:44,431 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:27:44,431 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:27:44,431 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:27:44,431 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:27:44,431 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e2402328b10acba07d45e1b6bd18216e1645c73446d4739f1dc37852ed64162e [2025-03-03 14:27:44,686 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:27:44,697 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:27:44,699 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:27:44,702 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:27:44,702 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:27:44,703 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec9_product29.cil.c [2025-03-03 14:27:45,890 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/77da887c2/7235fddee643460daba3de876d055292/FLAG4750f648a [2025-03-03 14:27:46,206 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:27:46,207 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec9_product29.cil.c [2025-03-03 14:27:46,222 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/77da887c2/7235fddee643460daba3de876d055292/FLAG4750f648a [2025-03-03 14:27:46,465 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/77da887c2/7235fddee643460daba3de876d055292 [2025-03-03 14:27:46,466 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:27:46,467 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:27:46,468 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:27:46,468 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:27:46,471 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:27:46,471 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:27:46" (1/1) ... [2025-03-03 14:27:46,472 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4238bee2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:46, skipping insertion in model container [2025-03-03 14:27:46,472 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:27:46" (1/1) ... [2025-03-03 14:27:46,521 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:27:46,910 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec9_product29.cil.c[65089,65102] [2025-03-03 14:27:46,912 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:27:46,923 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:27:46,928 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [48] [2025-03-03 14:27:46,929 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [97] [2025-03-03 14:27:46,929 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EncryptForward_spec.i","") [246] [2025-03-03 14:27:46,929 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [290] [2025-03-03 14:27:46,929 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [674] [2025-03-03 14:27:46,930 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [691] [2025-03-03 14:27:46,930 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [1057] [2025-03-03 14:27:46,930 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [1282] [2025-03-03 14:27:46,930 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [1679] [2025-03-03 14:27:46,930 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [2752] [2025-03-03 14:27:46,930 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [3030] [2025-03-03 14:27:47,027 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec9_product29.cil.c[65089,65102] [2025-03-03 14:27:47,029 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:27:47,056 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:27:47,057 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47 WrapperNode [2025-03-03 14:27:47,058 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:27:47,058 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:27:47,058 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:27:47,059 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:27:47,063 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,080 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,120 INFO L138 Inliner]: procedures = 132, calls = 214, calls flagged for inlining = 56, calls inlined = 48, statements flattened = 937 [2025-03-03 14:27:47,121 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:27:47,121 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:27:47,121 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:27:47,122 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:27:47,128 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,129 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,134 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,165 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:27:47,165 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,165 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,179 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,181 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,184 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,187 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,192 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:27:47,195 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:27:47,195 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:27:47,195 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:27:47,196 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (1/1) ... [2025-03-03 14:27:47,199 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:27:47,216 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:47,228 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:27:47,234 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:27:47,249 INFO L130 BoogieDeclarations]: Found specification of procedure getClientPrivateKey [2025-03-03 14:27:47,250 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientPrivateKey [2025-03-03 14:27:47,250 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:27:47,250 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:27:47,250 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:27:47,250 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:27:47,250 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:27:47,250 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:27:47,250 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:27:47,250 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:27:47,250 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:27:47,250 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:27:47,251 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:27:47,251 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:27:47,251 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2025-03-03 14:27:47,251 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2025-03-03 14:27:47,251 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:27:47,252 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:27:47,252 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:27:47,252 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:27:47,252 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailSignKey [2025-03-03 14:27:47,252 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailSignKey [2025-03-03 14:27:47,252 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:27:47,252 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:27:47,252 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2025-03-03 14:27:47,252 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2025-03-03 14:27:47,252 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:27:47,252 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:27:47,252 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:27:47,253 INFO L130 BoogieDeclarations]: Found specification of procedure isSigned [2025-03-03 14:27:47,253 INFO L138 BoogieDeclarations]: Found implementation of procedure isSigned [2025-03-03 14:27:47,253 INFO L130 BoogieDeclarations]: Found specification of procedure isKeyPairValid [2025-03-03 14:27:47,253 INFO L138 BoogieDeclarations]: Found implementation of procedure isKeyPairValid [2025-03-03 14:27:47,253 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:27:47,253 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:27:47,254 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:27:47,254 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:27:47,254 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:27:47,254 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:27:47,254 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:27:47,254 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:27:47,254 INFO L130 BoogieDeclarations]: Found specification of procedure findPublicKey [2025-03-03 14:27:47,254 INFO L138 BoogieDeclarations]: Found implementation of procedure findPublicKey [2025-03-03 14:27:47,254 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:27:47,254 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:27:47,254 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:27:47,256 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:27:47,256 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:27:47,256 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:27:47,256 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:27:47,256 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:27:47,256 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:27:47,256 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:27:47,256 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:27:47,256 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:27:47,256 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:27:47,256 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:27:47,256 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:27:47,256 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:27:47,256 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:27:47,256 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:27:47,257 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:27:47,257 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:27:47,433 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:27:47,437 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:27:47,521 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1586: #res := ~retValue_acc~23; [2025-03-03 14:27:47,550 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L585: #res := ~retValue_acc~10; [2025-03-03 14:27:47,591 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2386: #res#1 := ~retValue_acc~37#1; [2025-03-03 14:27:47,591 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2341-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~36#1; [2025-03-03 14:27:47,624 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2610: #res := ~retValue_acc~40; [2025-03-03 14:27:47,738 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2729-1: getClientId_#res#1 := getClientId_~retValue_acc~42#1; [2025-03-03 14:27:47,753 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2294: #res := ~retValue_acc~35; [2025-03-03 14:27:47,763 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L243-1: createEmail_#res#1 := createEmail_~retValue_acc~5#1; [2025-03-03 14:27:47,773 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1838: #res := ~retValue_acc~29; [2025-03-03 14:27:47,783 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1512: #res := ~retValue_acc~21; [2025-03-03 14:27:47,818 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1549: #res := ~retValue_acc~22; [2025-03-03 14:27:47,823 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1623: #res := ~retValue_acc~24; [2025-03-03 14:27:47,840 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1397: #res := ~retValue_acc~18; [2025-03-03 14:27:47,893 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2164: #res := ~retValue_acc~33; [2025-03-03 14:27:48,127 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L94-1: valid_product_#res#1 := valid_product_~retValue_acc~1#1; [2025-03-03 14:27:48,127 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2556-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~39#1; [2025-03-03 14:27:48,127 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2449-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~38#1; [2025-03-03 14:27:48,127 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L542-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~7#1; [2025-03-03 14:27:48,127 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L551-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~8#1; [2025-03-03 14:27:48,127 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L560-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~9#1; [2025-03-03 14:27:48,132 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1360: #res := ~retValue_acc~17; [2025-03-03 14:27:48,140 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L219: #res#1 := ~retValue_acc~3#1; [2025-03-03 14:27:48,140 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L199-1: isReadable__wrappee__Keys_#res#1 := isReadable__wrappee__Keys_~retValue_acc~2#1; [2025-03-03 14:27:48,285 INFO L? ?]: Removed 505 outVars from TransFormulas that were not future-live. [2025-03-03 14:27:48,285 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:27:48,302 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:27:48,303 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:27:48,303 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:27:48 BoogieIcfgContainer [2025-03-03 14:27:48,303 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:27:48,308 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:27:48,308 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:27:48,311 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:27:48,312 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:27:46" (1/3) ... [2025-03-03 14:27:48,312 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7691cd6a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:27:48, skipping insertion in model container [2025-03-03 14:27:48,312 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:47" (2/3) ... [2025-03-03 14:27:48,312 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7691cd6a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:27:48, skipping insertion in model container [2025-03-03 14:27:48,313 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:27:48" (3/3) ... [2025-03-03 14:27:48,314 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec9_product29.cil.c [2025-03-03 14:27:48,325 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:27:48,328 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec9_product29.cil.c that has 29 procedures, 408 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:27:48,381 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:27:48,390 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@3d6145f1, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:27:48,391 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:27:48,396 INFO L276 IsEmpty]: Start isEmpty. Operand has 408 states, 315 states have (on average 1.5523809523809524) internal successors, (489), 320 states have internal predecessors, (489), 63 states have call successors, (63), 28 states have call predecessors, (63), 28 states have return successors, (63), 62 states have call predecessors, (63), 63 states have call successors, (63) [2025-03-03 14:27:48,411 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2025-03-03 14:27:48,411 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:48,412 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:48,412 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:48,416 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:48,416 INFO L85 PathProgramCache]: Analyzing trace with hash 1678365918, now seen corresponding path program 1 times [2025-03-03 14:27:48,421 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:48,421 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2135373236] [2025-03-03 14:27:48,421 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:48,422 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:48,498 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-03-03 14:27:48,544 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-03-03 14:27:48,545 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:48,545 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:49,057 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:27:49,058 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:49,058 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2135373236] [2025-03-03 14:27:49,060 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2135373236] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:49,060 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1965751728] [2025-03-03 14:27:49,061 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:49,061 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:49,061 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:49,063 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:49,064 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:27:49,212 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-03-03 14:27:49,337 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-03-03 14:27:49,337 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:49,337 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:49,347 INFO L256 TraceCheckSpWp]: Trace formula consists of 1067 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:27:49,355 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:49,368 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:27:49,368 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:27:49,368 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1965751728] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:49,368 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:27:49,371 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:27:49,372 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1812650841] [2025-03-03 14:27:49,373 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:49,375 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:27:49,375 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:49,392 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:27:49,393 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:49,395 INFO L87 Difference]: Start difference. First operand has 408 states, 315 states have (on average 1.5523809523809524) internal successors, (489), 320 states have internal predecessors, (489), 63 states have call successors, (63), 28 states have call predecessors, (63), 28 states have return successors, (63), 62 states have call predecessors, (63), 63 states have call successors, (63) Second operand has 2 states, 2 states have (on average 32.0) internal successors, (64), 2 states have internal predecessors, (64), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:49,444 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:49,445 INFO L93 Difference]: Finished difference Result 629 states and 930 transitions. [2025-03-03 14:27:49,445 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:27:49,446 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 32.0) internal successors, (64), 2 states have internal predecessors, (64), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 110 [2025-03-03 14:27:49,447 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:49,458 INFO L225 Difference]: With dead ends: 629 [2025-03-03 14:27:49,458 INFO L226 Difference]: Without dead ends: 401 [2025-03-03 14:27:49,462 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 114 GetRequests, 111 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:49,464 INFO L435 NwaCegarLoop]: 612 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 612 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:49,464 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 612 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:49,483 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 401 states. [2025-03-03 14:27:49,515 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 401 to 401. [2025-03-03 14:27:49,516 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 401 states, 309 states have (on average 1.5501618122977345) internal successors, (479), 313 states have internal predecessors, (479), 63 states have call successors, (63), 28 states have call predecessors, (63), 28 states have return successors, (62), 61 states have call predecessors, (62), 62 states have call successors, (62) [2025-03-03 14:27:49,522 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 401 states to 401 states and 604 transitions. [2025-03-03 14:27:49,523 INFO L78 Accepts]: Start accepts. Automaton has 401 states and 604 transitions. Word has length 110 [2025-03-03 14:27:49,525 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:49,525 INFO L471 AbstractCegarLoop]: Abstraction has 401 states and 604 transitions. [2025-03-03 14:27:49,526 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 32.0) internal successors, (64), 2 states have internal predecessors, (64), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:49,526 INFO L276 IsEmpty]: Start isEmpty. Operand 401 states and 604 transitions. [2025-03-03 14:27:49,533 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2025-03-03 14:27:49,533 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:49,534 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:49,542 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-03 14:27:49,735 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:27:49,735 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:49,735 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:49,736 INFO L85 PathProgramCache]: Analyzing trace with hash -1125986160, now seen corresponding path program 1 times [2025-03-03 14:27:49,736 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:49,736 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [833264909] [2025-03-03 14:27:49,736 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:49,736 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:49,764 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:27:49,777 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:27:49,778 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:49,778 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:49,952 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:27:49,952 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:49,952 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [833264909] [2025-03-03 14:27:49,952 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [833264909] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:49,952 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1907054944] [2025-03-03 14:27:49,952 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:49,952 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:49,952 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:49,958 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:49,963 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:27:50,117 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:27:50,234 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:27:50,234 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:50,234 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:50,238 INFO L256 TraceCheckSpWp]: Trace formula consists of 1068 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:27:50,242 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:50,272 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:27:50,273 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:27:50,273 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1907054944] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:50,273 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:27:50,273 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:27:50,273 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1757471223] [2025-03-03 14:27:50,273 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:50,274 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:50,274 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:50,274 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:50,274 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:27:50,275 INFO L87 Difference]: Start difference. First operand 401 states and 604 transitions. Second operand has 3 states, 3 states have (on average 21.666666666666668) internal successors, (65), 3 states have internal predecessors, (65), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:50,327 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:50,328 INFO L93 Difference]: Finished difference Result 618 states and 908 transitions. [2025-03-03 14:27:50,328 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:50,328 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 21.666666666666668) internal successors, (65), 3 states have internal predecessors, (65), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 111 [2025-03-03 14:27:50,329 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:50,336 INFO L225 Difference]: With dead ends: 618 [2025-03-03 14:27:50,336 INFO L226 Difference]: Without dead ends: 403 [2025-03-03 14:27:50,337 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 115 GetRequests, 111 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:27:50,338 INFO L435 NwaCegarLoop]: 603 mSDtfsCounter, 0 mSDsluCounter, 601 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1204 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:50,338 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1204 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:50,341 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 403 states. [2025-03-03 14:27:50,370 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 403 to 403. [2025-03-03 14:27:50,373 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 403 states, 311 states have (on average 1.5466237942122187) internal successors, (481), 315 states have internal predecessors, (481), 63 states have call successors, (63), 28 states have call predecessors, (63), 28 states have return successors, (62), 61 states have call predecessors, (62), 62 states have call successors, (62) [2025-03-03 14:27:50,377 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 403 states to 403 states and 606 transitions. [2025-03-03 14:27:50,378 INFO L78 Accepts]: Start accepts. Automaton has 403 states and 606 transitions. Word has length 111 [2025-03-03 14:27:50,380 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:50,380 INFO L471 AbstractCegarLoop]: Abstraction has 403 states and 606 transitions. [2025-03-03 14:27:50,380 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 21.666666666666668) internal successors, (65), 3 states have internal predecessors, (65), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:50,380 INFO L276 IsEmpty]: Start isEmpty. Operand 403 states and 606 transitions. [2025-03-03 14:27:50,383 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2025-03-03 14:27:50,384 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:50,384 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:50,392 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-03-03 14:27:50,584 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:27:50,585 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:50,585 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:50,585 INFO L85 PathProgramCache]: Analyzing trace with hash -711667533, now seen corresponding path program 1 times [2025-03-03 14:27:50,585 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:50,585 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [758923023] [2025-03-03 14:27:50,585 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:50,585 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:50,608 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 116 statements into 1 equivalence classes. [2025-03-03 14:27:50,619 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 116 of 116 statements. [2025-03-03 14:27:50,620 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:50,620 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:50,803 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:27:50,804 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:50,804 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [758923023] [2025-03-03 14:27:50,804 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [758923023] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:50,804 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [800905688] [2025-03-03 14:27:50,804 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:50,804 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:50,804 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:50,808 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:50,809 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:27:50,941 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 116 statements into 1 equivalence classes. [2025-03-03 14:27:51,047 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 116 of 116 statements. [2025-03-03 14:27:51,048 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:51,048 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:51,052 INFO L256 TraceCheckSpWp]: Trace formula consists of 1080 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:27:51,056 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:51,070 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:27:51,071 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:27:51,071 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [800905688] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:51,071 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:27:51,071 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:27:51,071 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [989082567] [2025-03-03 14:27:51,071 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:51,071 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:51,072 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:51,072 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:51,072 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:27:51,072 INFO L87 Difference]: Start difference. First operand 403 states and 606 transitions. Second operand has 3 states, 3 states have (on average 23.333333333333332) internal successors, (70), 3 states have internal predecessors, (70), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:51,124 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:51,124 INFO L93 Difference]: Finished difference Result 848 states and 1295 transitions. [2025-03-03 14:27:51,124 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:51,125 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 23.333333333333332) internal successors, (70), 3 states have internal predecessors, (70), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 116 [2025-03-03 14:27:51,125 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:51,128 INFO L225 Difference]: With dead ends: 848 [2025-03-03 14:27:51,128 INFO L226 Difference]: Without dead ends: 472 [2025-03-03 14:27:51,130 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 120 GetRequests, 116 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:27:51,132 INFO L435 NwaCegarLoop]: 619 mSDtfsCounter, 126 mSDsluCounter, 557 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1176 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:51,134 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1176 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:51,135 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 472 states. [2025-03-03 14:27:51,154 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 472 to 464. [2025-03-03 14:27:51,156 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 464 states, 358 states have (on average 1.5670391061452513) internal successors, (561), 362 states have internal predecessors, (561), 77 states have call successors, (77), 28 states have call predecessors, (77), 28 states have return successors, (76), 75 states have call predecessors, (76), 76 states have call successors, (76) [2025-03-03 14:27:51,160 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 464 states to 464 states and 714 transitions. [2025-03-03 14:27:51,161 INFO L78 Accepts]: Start accepts. Automaton has 464 states and 714 transitions. Word has length 116 [2025-03-03 14:27:51,162 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:51,162 INFO L471 AbstractCegarLoop]: Abstraction has 464 states and 714 transitions. [2025-03-03 14:27:51,162 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 23.333333333333332) internal successors, (70), 3 states have internal predecessors, (70), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:51,162 INFO L276 IsEmpty]: Start isEmpty. Operand 464 states and 714 transitions. [2025-03-03 14:27:51,164 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 118 [2025-03-03 14:27:51,165 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:51,165 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:51,177 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2025-03-03 14:27:51,366 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:51,366 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:51,366 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:51,367 INFO L85 PathProgramCache]: Analyzing trace with hash -1666778197, now seen corresponding path program 1 times [2025-03-03 14:27:51,367 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:51,367 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [22739672] [2025-03-03 14:27:51,367 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:51,367 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:51,399 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 117 statements into 1 equivalence classes. [2025-03-03 14:27:51,409 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 117 of 117 statements. [2025-03-03 14:27:51,410 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:51,410 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:51,570 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:27:51,570 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:51,570 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [22739672] [2025-03-03 14:27:51,570 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [22739672] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:51,570 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [579292766] [2025-03-03 14:27:51,571 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:51,571 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:51,571 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:51,573 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:51,574 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:27:51,694 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 117 statements into 1 equivalence classes. [2025-03-03 14:27:51,783 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 117 of 117 statements. [2025-03-03 14:27:51,783 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:51,783 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:51,788 INFO L256 TraceCheckSpWp]: Trace formula consists of 1085 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:27:51,792 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:51,839 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:27:51,839 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:27:51,839 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [579292766] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:51,839 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:27:51,839 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:27:51,840 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1106857460] [2025-03-03 14:27:51,840 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:51,841 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:51,841 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:51,842 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:51,842 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:27:51,842 INFO L87 Difference]: Start difference. First operand 464 states and 714 transitions. Second operand has 5 states, 4 states have (on average 19.75) internal successors, (79), 5 states have internal predecessors, (79), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:51,911 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:51,912 INFO L93 Difference]: Finished difference Result 919 states and 1418 transitions. [2025-03-03 14:27:51,913 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:51,913 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 19.75) internal successors, (79), 5 states have internal predecessors, (79), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) Word has length 117 [2025-03-03 14:27:51,913 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:51,916 INFO L225 Difference]: With dead ends: 919 [2025-03-03 14:27:51,916 INFO L226 Difference]: Without dead ends: 466 [2025-03-03 14:27:51,918 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 121 GetRequests, 115 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:27:51,919 INFO L435 NwaCegarLoop]: 596 mSDtfsCounter, 2 mSDsluCounter, 1777 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2373 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:51,920 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2373 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:51,921 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 466 states. [2025-03-03 14:27:51,932 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 466 to 466. [2025-03-03 14:27:51,933 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 466 states, 359 states have (on average 1.565459610027855) internal successors, (562), 364 states have internal predecessors, (562), 77 states have call successors, (77), 28 states have call predecessors, (77), 29 states have return successors, (78), 75 states have call predecessors, (78), 76 states have call successors, (78) [2025-03-03 14:27:51,935 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 466 states to 466 states and 717 transitions. [2025-03-03 14:27:51,936 INFO L78 Accepts]: Start accepts. Automaton has 466 states and 717 transitions. Word has length 117 [2025-03-03 14:27:51,936 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:51,936 INFO L471 AbstractCegarLoop]: Abstraction has 466 states and 717 transitions. [2025-03-03 14:27:51,936 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 19.75) internal successors, (79), 5 states have internal predecessors, (79), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:51,937 INFO L276 IsEmpty]: Start isEmpty. Operand 466 states and 717 transitions. [2025-03-03 14:27:51,938 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2025-03-03 14:27:51,938 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:51,939 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:51,947 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2025-03-03 14:27:52,139 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:52,139 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:52,140 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:52,140 INFO L85 PathProgramCache]: Analyzing trace with hash -1788049971, now seen corresponding path program 1 times [2025-03-03 14:27:52,140 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:52,140 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [752719266] [2025-03-03 14:27:52,140 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:52,140 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:52,156 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-03 14:27:52,162 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-03 14:27:52,162 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:52,162 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:52,271 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2025-03-03 14:27:52,272 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:52,272 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [752719266] [2025-03-03 14:27:52,272 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [752719266] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:52,272 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2032093985] [2025-03-03 14:27:52,272 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:52,272 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:52,273 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:52,275 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:52,278 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:27:52,435 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-03 14:27:52,545 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-03 14:27:52,545 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:52,545 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:52,551 INFO L256 TraceCheckSpWp]: Trace formula consists of 1086 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:27:52,555 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:52,597 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:27:52,597 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:27:52,597 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2032093985] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:52,597 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:27:52,597 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:27:52,597 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2017354182] [2025-03-03 14:27:52,597 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:52,597 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:52,597 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:52,598 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:52,598 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:27:52,598 INFO L87 Difference]: Start difference. First operand 466 states and 717 transitions. Second operand has 5 states, 5 states have (on average 16.2) internal successors, (81), 5 states have internal predecessors, (81), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:52,657 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:52,657 INFO L93 Difference]: Finished difference Result 921 states and 1423 transitions. [2025-03-03 14:27:52,657 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:52,658 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 16.2) internal successors, (81), 5 states have internal predecessors, (81), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) Word has length 118 [2025-03-03 14:27:52,658 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:52,660 INFO L225 Difference]: With dead ends: 921 [2025-03-03 14:27:52,660 INFO L226 Difference]: Without dead ends: 468 [2025-03-03 14:27:52,662 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 125 GetRequests, 116 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:27:52,662 INFO L435 NwaCegarLoop]: 594 mSDtfsCounter, 2 mSDsluCounter, 1765 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2359 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:52,662 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2359 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:52,663 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 468 states. [2025-03-03 14:27:52,680 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 468 to 468. [2025-03-03 14:27:52,681 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 468 states, 360 states have (on average 1.5638888888888889) internal successors, (563), 366 states have internal predecessors, (563), 77 states have call successors, (77), 28 states have call predecessors, (77), 30 states have return successors, (83), 75 states have call predecessors, (83), 76 states have call successors, (83) [2025-03-03 14:27:52,683 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 468 states to 468 states and 723 transitions. [2025-03-03 14:27:52,684 INFO L78 Accepts]: Start accepts. Automaton has 468 states and 723 transitions. Word has length 118 [2025-03-03 14:27:52,684 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:52,684 INFO L471 AbstractCegarLoop]: Abstraction has 468 states and 723 transitions. [2025-03-03 14:27:52,684 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 16.2) internal successors, (81), 5 states have internal predecessors, (81), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:52,684 INFO L276 IsEmpty]: Start isEmpty. Operand 468 states and 723 transitions. [2025-03-03 14:27:52,686 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 120 [2025-03-03 14:27:52,686 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:52,686 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:52,695 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2025-03-03 14:27:52,890 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:52,890 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:52,890 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:52,891 INFO L85 PathProgramCache]: Analyzing trace with hash -1889293408, now seen corresponding path program 1 times [2025-03-03 14:27:52,891 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:52,891 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [595420935] [2025-03-03 14:27:52,891 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:52,891 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:52,906 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 119 statements into 1 equivalence classes. [2025-03-03 14:27:52,911 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 119 of 119 statements. [2025-03-03 14:27:52,911 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:52,911 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:53,020 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:27:53,020 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:53,020 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [595420935] [2025-03-03 14:27:53,020 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [595420935] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:53,020 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:53,021 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:27:53,021 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [581249141] [2025-03-03 14:27:53,021 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:53,021 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:53,021 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:53,022 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:53,022 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:53,022 INFO L87 Difference]: Start difference. First operand 468 states and 723 transitions. Second operand has 5 states, 4 states have (on average 19.25) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:53,055 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:53,055 INFO L93 Difference]: Finished difference Result 913 states and 1414 transitions. [2025-03-03 14:27:53,056 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:53,056 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 19.25) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) Word has length 119 [2025-03-03 14:27:53,056 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:53,059 INFO L225 Difference]: With dead ends: 913 [2025-03-03 14:27:53,059 INFO L226 Difference]: Without dead ends: 468 [2025-03-03 14:27:53,060 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:53,061 INFO L435 NwaCegarLoop]: 597 mSDtfsCounter, 2 mSDsluCounter, 1780 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2377 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:53,061 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2377 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:53,062 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 468 states. [2025-03-03 14:27:53,072 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 468 to 468. [2025-03-03 14:27:53,073 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 468 states, 360 states have (on average 1.5638888888888889) internal successors, (563), 366 states have internal predecessors, (563), 77 states have call successors, (77), 28 states have call predecessors, (77), 30 states have return successors, (82), 75 states have call predecessors, (82), 76 states have call successors, (82) [2025-03-03 14:27:53,075 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 468 states to 468 states and 722 transitions. [2025-03-03 14:27:53,076 INFO L78 Accepts]: Start accepts. Automaton has 468 states and 722 transitions. Word has length 119 [2025-03-03 14:27:53,076 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:53,076 INFO L471 AbstractCegarLoop]: Abstraction has 468 states and 722 transitions. [2025-03-03 14:27:53,077 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 19.25) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:53,077 INFO L276 IsEmpty]: Start isEmpty. Operand 468 states and 722 transitions. [2025-03-03 14:27:53,078 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 121 [2025-03-03 14:27:53,078 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:53,079 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:53,079 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:27:53,079 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:53,079 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:53,079 INFO L85 PathProgramCache]: Analyzing trace with hash -2019830172, now seen corresponding path program 2 times [2025-03-03 14:27:53,079 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:53,080 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1332947438] [2025-03-03 14:27:53,080 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:27:53,080 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:53,094 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 120 statements into 2 equivalence classes. [2025-03-03 14:27:53,105 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 120 of 120 statements. [2025-03-03 14:27:53,105 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-03 14:27:53,105 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:53,194 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:27:53,195 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:53,195 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1332947438] [2025-03-03 14:27:53,195 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1332947438] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:53,195 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:53,195 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:27:53,195 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1921659647] [2025-03-03 14:27:53,195 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:53,195 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:53,196 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:53,196 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:53,196 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:53,197 INFO L87 Difference]: Start difference. First operand 468 states and 722 transitions. Second operand has 5 states, 5 states have (on average 15.4) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:53,243 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:53,243 INFO L93 Difference]: Finished difference Result 911 states and 1409 transitions. [2025-03-03 14:27:53,244 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:53,244 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 15.4) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) Word has length 120 [2025-03-03 14:27:53,244 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:53,247 INFO L225 Difference]: With dead ends: 911 [2025-03-03 14:27:53,247 INFO L226 Difference]: Without dead ends: 468 [2025-03-03 14:27:53,251 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:53,251 INFO L435 NwaCegarLoop]: 595 mSDtfsCounter, 2 mSDsluCounter, 1768 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2363 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:53,251 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2363 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:53,252 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 468 states. [2025-03-03 14:27:53,265 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 468 to 468. [2025-03-03 14:27:53,266 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 468 states, 360 states have (on average 1.5638888888888889) internal successors, (563), 366 states have internal predecessors, (563), 77 states have call successors, (77), 28 states have call predecessors, (77), 30 states have return successors, (81), 75 states have call predecessors, (81), 76 states have call successors, (81) [2025-03-03 14:27:53,268 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 468 states to 468 states and 721 transitions. [2025-03-03 14:27:53,269 INFO L78 Accepts]: Start accepts. Automaton has 468 states and 721 transitions. Word has length 120 [2025-03-03 14:27:53,269 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:53,269 INFO L471 AbstractCegarLoop]: Abstraction has 468 states and 721 transitions. [2025-03-03 14:27:53,270 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 15.4) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:53,270 INFO L276 IsEmpty]: Start isEmpty. Operand 468 states and 721 transitions. [2025-03-03 14:27:53,271 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2025-03-03 14:27:53,271 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:53,271 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:53,272 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:27:53,272 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:53,272 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:53,272 INFO L85 PathProgramCache]: Analyzing trace with hash -781478247, now seen corresponding path program 3 times [2025-03-03 14:27:53,272 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:53,272 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [690973434] [2025-03-03 14:27:53,272 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2025-03-03 14:27:53,272 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:53,287 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 partitioned 121 statements into 3 equivalence classes. [2025-03-03 14:27:53,296 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) and asserted 109 of 121 statements. [2025-03-03 14:27:53,296 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2025-03-03 14:27:53,296 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:53,398 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:27:53,399 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:53,399 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [690973434] [2025-03-03 14:27:53,399 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [690973434] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:53,399 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:53,399 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:27:53,399 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [606419269] [2025-03-03 14:27:53,399 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:53,399 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:53,399 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:53,400 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:53,400 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:53,400 INFO L87 Difference]: Start difference. First operand 468 states and 721 transitions. Second operand has 5 states, 5 states have (on average 15.6) internal successors, (78), 5 states have internal predecessors, (78), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:53,445 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:53,445 INFO L93 Difference]: Finished difference Result 913 states and 1415 transitions. [2025-03-03 14:27:53,446 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:53,446 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 15.6) internal successors, (78), 5 states have internal predecessors, (78), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) Word has length 121 [2025-03-03 14:27:53,446 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:53,449 INFO L225 Difference]: With dead ends: 913 [2025-03-03 14:27:53,449 INFO L226 Difference]: Without dead ends: 470 [2025-03-03 14:27:53,450 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:53,451 INFO L435 NwaCegarLoop]: 598 mSDtfsCounter, 1 mSDsluCounter, 1776 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2374 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:53,451 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2374 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:53,453 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 470 states. [2025-03-03 14:27:53,467 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 470 to 470. [2025-03-03 14:27:53,468 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 470 states, 361 states have (on average 1.5623268698060941) internal successors, (564), 368 states have internal predecessors, (564), 77 states have call successors, (77), 28 states have call predecessors, (77), 31 states have return successors, (86), 75 states have call predecessors, (86), 76 states have call successors, (86) [2025-03-03 14:27:53,471 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 470 states to 470 states and 727 transitions. [2025-03-03 14:27:53,471 INFO L78 Accepts]: Start accepts. Automaton has 470 states and 727 transitions. Word has length 121 [2025-03-03 14:27:53,472 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:53,472 INFO L471 AbstractCegarLoop]: Abstraction has 470 states and 727 transitions. [2025-03-03 14:27:53,472 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 15.6) internal successors, (78), 5 states have internal predecessors, (78), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:53,472 INFO L276 IsEmpty]: Start isEmpty. Operand 470 states and 727 transitions. [2025-03-03 14:27:53,474 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 123 [2025-03-03 14:27:53,474 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:53,474 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:53,474 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:27:53,474 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:53,474 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:53,474 INFO L85 PathProgramCache]: Analyzing trace with hash 215348103, now seen corresponding path program 1 times [2025-03-03 14:27:53,474 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:53,474 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [707829047] [2025-03-03 14:27:53,474 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:53,475 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:53,489 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 122 statements into 1 equivalence classes. [2025-03-03 14:27:53,495 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 122 of 122 statements. [2025-03-03 14:27:53,495 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:53,495 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:53,597 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:27:53,597 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:53,597 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [707829047] [2025-03-03 14:27:53,597 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [707829047] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:53,597 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:53,597 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:27:53,597 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [158579531] [2025-03-03 14:27:53,597 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:53,598 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:53,598 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:53,598 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:53,598 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:53,598 INFO L87 Difference]: Start difference. First operand 470 states and 727 transitions. Second operand has 5 states, 4 states have (on average 20.0) internal successors, (80), 5 states have internal predecessors, (80), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:53,639 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:53,640 INFO L93 Difference]: Finished difference Result 919 states and 1425 transitions. [2025-03-03 14:27:53,640 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:53,640 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 20.0) internal successors, (80), 5 states have internal predecessors, (80), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) Word has length 122 [2025-03-03 14:27:53,640 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:53,643 INFO L225 Difference]: With dead ends: 919 [2025-03-03 14:27:53,643 INFO L226 Difference]: Without dead ends: 472 [2025-03-03 14:27:53,645 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:53,646 INFO L435 NwaCegarLoop]: 598 mSDtfsCounter, 1 mSDsluCounter, 1782 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2380 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:53,646 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2380 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:53,647 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 472 states. [2025-03-03 14:27:53,659 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 472 to 472. [2025-03-03 14:27:53,660 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 472 states, 362 states have (on average 1.5607734806629834) internal successors, (565), 370 states have internal predecessors, (565), 77 states have call successors, (77), 28 states have call predecessors, (77), 32 states have return successors, (88), 75 states have call predecessors, (88), 76 states have call successors, (88) [2025-03-03 14:27:53,662 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 472 states to 472 states and 730 transitions. [2025-03-03 14:27:53,663 INFO L78 Accepts]: Start accepts. Automaton has 472 states and 730 transitions. Word has length 122 [2025-03-03 14:27:53,663 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:53,663 INFO L471 AbstractCegarLoop]: Abstraction has 472 states and 730 transitions. [2025-03-03 14:27:53,663 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 20.0) internal successors, (80), 5 states have internal predecessors, (80), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:27:53,663 INFO L276 IsEmpty]: Start isEmpty. Operand 472 states and 730 transitions. [2025-03-03 14:27:53,665 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2025-03-03 14:27:53,665 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:53,666 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:53,666 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:27:53,666 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:53,666 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:53,666 INFO L85 PathProgramCache]: Analyzing trace with hash 1189053894, now seen corresponding path program 1 times [2025-03-03 14:27:53,666 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:53,666 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1798618354] [2025-03-03 14:27:53,666 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:53,666 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:53,681 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 123 statements into 1 equivalence classes. [2025-03-03 14:27:53,687 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 123 of 123 statements. [2025-03-03 14:27:53,687 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:53,687 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:53,783 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:53,783 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:53,783 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1798618354] [2025-03-03 14:27:53,783 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1798618354] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:53,783 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1436663562] [2025-03-03 14:27:53,783 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:53,783 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:53,783 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:53,786 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:53,788 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:27:53,912 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 123 statements into 1 equivalence classes. [2025-03-03 14:27:53,998 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 123 of 123 statements. [2025-03-03 14:27:53,998 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:53,998 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:54,002 INFO L256 TraceCheckSpWp]: Trace formula consists of 1091 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:27:54,005 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:54,024 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:54,025 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:27:54,088 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:54,088 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1436663562] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:27:54,089 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:27:54,089 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-03 14:27:54,089 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [533755441] [2025-03-03 14:27:54,089 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:27:54,089 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-03 14:27:54,089 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:54,090 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-03 14:27:54,090 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:27:54,090 INFO L87 Difference]: Start difference. First operand 472 states and 730 transitions. Second operand has 7 states, 7 states have (on average 16.142857142857142) internal successors, (113), 7 states have internal predecessors, (113), 2 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:27:54,234 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:54,234 INFO L93 Difference]: Finished difference Result 1099 states and 1760 transitions. [2025-03-03 14:27:54,234 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:27:54,235 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 16.142857142857142) internal successors, (113), 7 states have internal predecessors, (113), 2 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) Word has length 123 [2025-03-03 14:27:54,235 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:54,239 INFO L225 Difference]: With dead ends: 1099 [2025-03-03 14:27:54,240 INFO L226 Difference]: Without dead ends: 884 [2025-03-03 14:27:54,241 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 248 GetRequests, 243 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:27:54,241 INFO L435 NwaCegarLoop]: 643 mSDtfsCounter, 489 mSDsluCounter, 1521 mSDsCounter, 0 mSdLazyCounter, 68 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 543 SdHoareTripleChecker+Valid, 2164 SdHoareTripleChecker+Invalid, 80 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 68 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:54,241 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [543 Valid, 2164 Invalid, 80 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 68 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:27:54,242 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 884 states. [2025-03-03 14:27:54,261 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 884 to 860. [2025-03-03 14:27:54,263 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 860 states, 671 states have (on average 1.6289120715350223) internal successors, (1093), 679 states have internal predecessors, (1093), 156 states have call successors, (156), 28 states have call predecessors, (156), 32 states have return successors, (177), 154 states have call predecessors, (177), 155 states have call successors, (177) [2025-03-03 14:27:54,267 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 860 states to 860 states and 1426 transitions. [2025-03-03 14:27:54,268 INFO L78 Accepts]: Start accepts. Automaton has 860 states and 1426 transitions. Word has length 123 [2025-03-03 14:27:54,269 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:54,269 INFO L471 AbstractCegarLoop]: Abstraction has 860 states and 1426 transitions. [2025-03-03 14:27:54,269 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 16.142857142857142) internal successors, (113), 7 states have internal predecessors, (113), 2 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:27:54,269 INFO L276 IsEmpty]: Start isEmpty. Operand 860 states and 1426 transitions. [2025-03-03 14:27:54,273 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 130 [2025-03-03 14:27:54,273 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:54,273 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:54,281 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2025-03-03 14:27:54,473 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:54,474 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:54,474 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:54,474 INFO L85 PathProgramCache]: Analyzing trace with hash 252804070, now seen corresponding path program 1 times [2025-03-03 14:27:54,475 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:54,475 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2112920833] [2025-03-03 14:27:54,475 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:54,475 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:54,489 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-03-03 14:27:54,495 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-03-03 14:27:54,496 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:54,496 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:54,527 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:54,528 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:54,528 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2112920833] [2025-03-03 14:27:54,528 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2112920833] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:54,528 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:54,528 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:54,528 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [33378438] [2025-03-03 14:27:54,528 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:54,528 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:54,528 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:54,529 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:54,529 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:54,529 INFO L87 Difference]: Start difference. First operand 860 states and 1426 transitions. Second operand has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:54,566 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:54,566 INFO L93 Difference]: Finished difference Result 2047 states and 3446 transitions. [2025-03-03 14:27:54,567 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:54,567 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 129 [2025-03-03 14:27:54,567 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:54,574 INFO L225 Difference]: With dead ends: 2047 [2025-03-03 14:27:54,574 INFO L226 Difference]: Without dead ends: 1253 [2025-03-03 14:27:54,577 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:54,578 INFO L435 NwaCegarLoop]: 611 mSDtfsCounter, 124 mSDsluCounter, 600 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1211 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:54,578 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1211 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:54,579 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1253 states. [2025-03-03 14:27:54,612 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1253 to 1245. [2025-03-03 14:27:54,615 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1245 states, 977 states have (on average 1.645854657113613) internal successors, (1608), 985 states have internal predecessors, (1608), 235 states have call successors, (235), 28 states have call predecessors, (235), 32 states have return successors, (266), 233 states have call predecessors, (266), 234 states have call successors, (266) [2025-03-03 14:27:54,621 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1245 states to 1245 states and 2109 transitions. [2025-03-03 14:27:54,623 INFO L78 Accepts]: Start accepts. Automaton has 1245 states and 2109 transitions. Word has length 129 [2025-03-03 14:27:54,623 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:54,623 INFO L471 AbstractCegarLoop]: Abstraction has 1245 states and 2109 transitions. [2025-03-03 14:27:54,624 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:54,624 INFO L276 IsEmpty]: Start isEmpty. Operand 1245 states and 2109 transitions. [2025-03-03 14:27:54,629 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 131 [2025-03-03 14:27:54,630 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:54,630 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:54,630 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-03-03 14:27:54,630 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:54,631 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:54,631 INFO L85 PathProgramCache]: Analyzing trace with hash 513593049, now seen corresponding path program 1 times [2025-03-03 14:27:54,631 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:54,631 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1482651022] [2025-03-03 14:27:54,631 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:54,631 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:54,645 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 130 statements into 1 equivalence classes. [2025-03-03 14:27:54,653 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 130 of 130 statements. [2025-03-03 14:27:54,654 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:54,654 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:54,689 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:54,689 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:54,689 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1482651022] [2025-03-03 14:27:54,689 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1482651022] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:54,689 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:54,689 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:54,689 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [387460289] [2025-03-03 14:27:54,689 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:54,690 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:54,690 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:54,690 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:54,690 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:54,690 INFO L87 Difference]: Start difference. First operand 1245 states and 2109 transitions. Second operand has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:54,754 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:54,754 INFO L93 Difference]: Finished difference Result 2985 states and 5093 transitions. [2025-03-03 14:27:54,754 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:54,755 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 130 [2025-03-03 14:27:54,755 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:54,764 INFO L225 Difference]: With dead ends: 2985 [2025-03-03 14:27:54,765 INFO L226 Difference]: Without dead ends: 1857 [2025-03-03 14:27:54,768 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:54,769 INFO L435 NwaCegarLoop]: 605 mSDtfsCounter, 122 mSDsluCounter, 597 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1202 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:54,769 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1202 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:54,771 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1857 states. [2025-03-03 14:27:54,831 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1857 to 1849. [2025-03-03 14:27:54,834 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1849 states, 1462 states have (on average 1.6573187414500683) internal successors, (2423), 1470 states have internal predecessors, (2423), 354 states have call successors, (354), 28 states have call predecessors, (354), 32 states have return successors, (385), 352 states have call predecessors, (385), 353 states have call successors, (385) [2025-03-03 14:27:54,846 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1849 states to 1849 states and 3162 transitions. [2025-03-03 14:27:54,848 INFO L78 Accepts]: Start accepts. Automaton has 1849 states and 3162 transitions. Word has length 130 [2025-03-03 14:27:54,848 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:54,848 INFO L471 AbstractCegarLoop]: Abstraction has 1849 states and 3162 transitions. [2025-03-03 14:27:54,849 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:54,849 INFO L276 IsEmpty]: Start isEmpty. Operand 1849 states and 3162 transitions. [2025-03-03 14:27:54,857 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 132 [2025-03-03 14:27:54,857 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:54,858 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:54,858 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-03 14:27:54,858 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:54,858 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:54,858 INFO L85 PathProgramCache]: Analyzing trace with hash -803572091, now seen corresponding path program 1 times [2025-03-03 14:27:54,858 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:54,858 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [347478906] [2025-03-03 14:27:54,860 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:54,860 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:54,901 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 131 statements into 1 equivalence classes. [2025-03-03 14:27:54,908 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 131 of 131 statements. [2025-03-03 14:27:54,908 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:54,908 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:54,942 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:54,942 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:54,942 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [347478906] [2025-03-03 14:27:54,942 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [347478906] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:54,942 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:54,943 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:54,943 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1382424377] [2025-03-03 14:27:54,943 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:54,943 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:54,943 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:54,943 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:54,943 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:54,944 INFO L87 Difference]: Start difference. First operand 1849 states and 3162 transitions. Second operand has 3 states, 3 states have (on average 29.0) internal successors, (87), 3 states have internal predecessors, (87), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:55,034 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:55,034 INFO L93 Difference]: Finished difference Result 4392 states and 7575 transitions. [2025-03-03 14:27:55,034 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:55,035 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 29.0) internal successors, (87), 3 states have internal predecessors, (87), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 131 [2025-03-03 14:27:55,035 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:55,052 INFO L225 Difference]: With dead ends: 4392 [2025-03-03 14:27:55,052 INFO L226 Difference]: Without dead ends: 2782 [2025-03-03 14:27:55,061 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:55,062 INFO L435 NwaCegarLoop]: 603 mSDtfsCounter, 120 mSDsluCounter, 594 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1197 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:55,063 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1197 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:55,065 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2782 states. [2025-03-03 14:27:55,166 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2782 to 2774. [2025-03-03 14:27:55,170 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2774 states, 2225 states have (on average 1.6665168539325843) internal successors, (3708), 2233 states have internal predecessors, (3708), 516 states have call successors, (516), 28 states have call predecessors, (516), 32 states have return successors, (563), 514 states have call predecessors, (563), 515 states have call successors, (563) [2025-03-03 14:27:55,184 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2774 states to 2774 states and 4787 transitions. [2025-03-03 14:27:55,186 INFO L78 Accepts]: Start accepts. Automaton has 2774 states and 4787 transitions. Word has length 131 [2025-03-03 14:27:55,187 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:55,187 INFO L471 AbstractCegarLoop]: Abstraction has 2774 states and 4787 transitions. [2025-03-03 14:27:55,188 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 29.0) internal successors, (87), 3 states have internal predecessors, (87), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:55,188 INFO L276 IsEmpty]: Start isEmpty. Operand 2774 states and 4787 transitions. [2025-03-03 14:27:55,200 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 133 [2025-03-03 14:27:55,200 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:55,200 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:55,200 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-03 14:27:55,200 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:55,201 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:55,201 INFO L85 PathProgramCache]: Analyzing trace with hash 1837821402, now seen corresponding path program 1 times [2025-03-03 14:27:55,201 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:55,201 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [63101964] [2025-03-03 14:27:55,201 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:55,201 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:55,221 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 132 statements into 1 equivalence classes. [2025-03-03 14:27:55,229 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 132 of 132 statements. [2025-03-03 14:27:55,229 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:55,229 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:55,261 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:55,261 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:55,261 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [63101964] [2025-03-03 14:27:55,261 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [63101964] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:55,261 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:55,261 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:55,262 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [400102588] [2025-03-03 14:27:55,262 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:55,262 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:55,262 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:55,262 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:55,262 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:55,263 INFO L87 Difference]: Start difference. First operand 2774 states and 4787 transitions. Second operand has 3 states, 3 states have (on average 29.333333333333332) internal successors, (88), 3 states have internal predecessors, (88), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:55,402 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:55,403 INFO L93 Difference]: Finished difference Result 6610 states and 11496 transitions. [2025-03-03 14:27:55,403 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:55,404 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 29.333333333333332) internal successors, (88), 3 states have internal predecessors, (88), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 132 [2025-03-03 14:27:55,404 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:55,426 INFO L225 Difference]: With dead ends: 6610 [2025-03-03 14:27:55,426 INFO L226 Difference]: Without dead ends: 4275 [2025-03-03 14:27:55,432 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:55,433 INFO L435 NwaCegarLoop]: 603 mSDtfsCounter, 118 mSDsluCounter, 594 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1197 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:55,433 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1197 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:55,436 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4275 states. [2025-03-03 14:27:55,590 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4275 to 4267. [2025-03-03 14:27:55,598 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4267 states, 3473 states have (on average 1.6731932047221423) internal successors, (5811), 3481 states have internal predecessors, (5811), 761 states have call successors, (761), 28 states have call predecessors, (761), 32 states have return successors, (834), 759 states have call predecessors, (834), 760 states have call successors, (834) [2025-03-03 14:27:55,617 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4267 states to 4267 states and 7406 transitions. [2025-03-03 14:27:55,620 INFO L78 Accepts]: Start accepts. Automaton has 4267 states and 7406 transitions. Word has length 132 [2025-03-03 14:27:55,620 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:55,620 INFO L471 AbstractCegarLoop]: Abstraction has 4267 states and 7406 transitions. [2025-03-03 14:27:55,621 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 29.333333333333332) internal successors, (88), 3 states have internal predecessors, (88), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:55,621 INFO L276 IsEmpty]: Start isEmpty. Operand 4267 states and 7406 transitions. [2025-03-03 14:27:55,638 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 134 [2025-03-03 14:27:55,638 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:55,638 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:55,639 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:27:55,639 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:55,639 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:55,639 INFO L85 PathProgramCache]: Analyzing trace with hash 2036046404, now seen corresponding path program 1 times [2025-03-03 14:27:55,640 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:55,640 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1166419537] [2025-03-03 14:27:55,640 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:55,640 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:55,655 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 133 statements into 1 equivalence classes. [2025-03-03 14:27:55,661 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 133 of 133 statements. [2025-03-03 14:27:55,662 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:55,662 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:55,695 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:55,695 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:55,695 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1166419537] [2025-03-03 14:27:55,696 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1166419537] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:55,696 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:55,696 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:55,696 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [715873991] [2025-03-03 14:27:55,696 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:55,696 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:55,696 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:55,697 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:55,697 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:55,698 INFO L87 Difference]: Start difference. First operand 4267 states and 7406 transitions. Second operand has 3 states, 3 states have (on average 29.666666666666668) internal successors, (89), 3 states have internal predecessors, (89), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:55,888 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:55,888 INFO L93 Difference]: Finished difference Result 10570 states and 18452 transitions. [2025-03-03 14:27:55,889 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:55,889 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 29.666666666666668) internal successors, (89), 3 states have internal predecessors, (89), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 133 [2025-03-03 14:27:55,889 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:55,929 INFO L225 Difference]: With dead ends: 10570 [2025-03-03 14:27:55,929 INFO L226 Difference]: Without dead ends: 6969 [2025-03-03 14:27:55,943 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:55,944 INFO L435 NwaCegarLoop]: 621 mSDtfsCounter, 116 mSDsluCounter, 601 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1222 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:55,944 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1222 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:55,951 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 6969 states. [2025-03-03 14:27:56,182 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 6969 to 6961. [2025-03-03 14:27:56,194 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6961 states, 5674 states have (on average 1.6702502643637644) internal successors, (9477), 5682 states have internal predecessors, (9477), 1254 states have call successors, (1254), 28 states have call predecessors, (1254), 32 states have return successors, (1371), 1252 states have call predecessors, (1371), 1253 states have call successors, (1371) [2025-03-03 14:27:56,269 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6961 states to 6961 states and 12102 transitions. [2025-03-03 14:27:56,272 INFO L78 Accepts]: Start accepts. Automaton has 6961 states and 12102 transitions. Word has length 133 [2025-03-03 14:27:56,273 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:56,273 INFO L471 AbstractCegarLoop]: Abstraction has 6961 states and 12102 transitions. [2025-03-03 14:27:56,273 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 29.666666666666668) internal successors, (89), 3 states have internal predecessors, (89), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:56,273 INFO L276 IsEmpty]: Start isEmpty. Operand 6961 states and 12102 transitions. [2025-03-03 14:27:56,295 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 135 [2025-03-03 14:27:56,295 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:56,295 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:56,296 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:27:56,296 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:56,296 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:56,296 INFO L85 PathProgramCache]: Analyzing trace with hash -820605925, now seen corresponding path program 1 times [2025-03-03 14:27:56,296 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:56,296 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [542635659] [2025-03-03 14:27:56,296 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:56,297 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:56,310 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 134 statements into 1 equivalence classes. [2025-03-03 14:27:56,317 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 134 of 134 statements. [2025-03-03 14:27:56,317 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:56,317 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:56,342 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:56,343 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:56,343 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [542635659] [2025-03-03 14:27:56,343 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [542635659] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:56,343 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:56,343 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:56,343 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1782140356] [2025-03-03 14:27:56,343 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:56,344 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:56,344 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:56,344 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:56,344 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:56,344 INFO L87 Difference]: Start difference. First operand 6961 states and 12102 transitions. Second operand has 3 states, 3 states have (on average 30.0) internal successors, (90), 3 states have internal predecessors, (90), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:56,678 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:56,679 INFO L93 Difference]: Finished difference Result 17605 states and 30808 transitions. [2025-03-03 14:27:56,679 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:56,680 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 30.0) internal successors, (90), 3 states have internal predecessors, (90), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 134 [2025-03-03 14:27:56,680 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:56,737 INFO L225 Difference]: With dead ends: 17605 [2025-03-03 14:27:56,737 INFO L226 Difference]: Without dead ends: 11681 [2025-03-03 14:27:56,761 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:56,762 INFO L435 NwaCegarLoop]: 612 mSDtfsCounter, 114 mSDsluCounter, 598 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 132 SdHoareTripleChecker+Valid, 1210 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:56,762 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [132 Valid, 1210 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:56,774 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11681 states. [2025-03-03 14:27:57,251 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11681 to 11673. [2025-03-03 14:27:57,273 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11673 states, 9564 states have (on average 1.6711626934337098) internal successors, (15983), 9572 states have internal predecessors, (15983), 2076 states have call successors, (2076), 28 states have call predecessors, (2076), 32 states have return successors, (2271), 2074 states have call predecessors, (2271), 2075 states have call successors, (2271) [2025-03-03 14:27:57,321 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11673 states to 11673 states and 20330 transitions. [2025-03-03 14:27:57,330 INFO L78 Accepts]: Start accepts. Automaton has 11673 states and 20330 transitions. Word has length 134 [2025-03-03 14:27:57,330 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:57,330 INFO L471 AbstractCegarLoop]: Abstraction has 11673 states and 20330 transitions. [2025-03-03 14:27:57,331 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 30.0) internal successors, (90), 3 states have internal predecessors, (90), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:57,331 INFO L276 IsEmpty]: Start isEmpty. Operand 11673 states and 20330 transitions. [2025-03-03 14:27:57,367 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 136 [2025-03-03 14:27:57,367 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:57,367 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:57,368 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:27:57,368 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:57,368 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:57,368 INFO L85 PathProgramCache]: Analyzing trace with hash -458271325, now seen corresponding path program 1 times [2025-03-03 14:27:57,368 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:57,368 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1162583772] [2025-03-03 14:27:57,368 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:57,368 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:57,383 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 135 statements into 1 equivalence classes. [2025-03-03 14:27:57,390 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 135 of 135 statements. [2025-03-03 14:27:57,390 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:57,390 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:57,426 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:57,426 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:57,426 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1162583772] [2025-03-03 14:27:57,426 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1162583772] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:57,426 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:57,426 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:57,426 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1096106553] [2025-03-03 14:27:57,426 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:57,426 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:57,426 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:57,427 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:57,427 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:57,427 INFO L87 Difference]: Start difference. First operand 11673 states and 20330 transitions. Second operand has 3 states, 3 states have (on average 30.333333333333332) internal successors, (91), 3 states have internal predecessors, (91), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:57,800 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:57,800 INFO L93 Difference]: Finished difference Result 27836 states and 48450 transitions. [2025-03-03 14:27:57,801 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:57,801 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 30.333333333333332) internal successors, (91), 3 states have internal predecessors, (91), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 135 [2025-03-03 14:27:57,801 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:57,881 INFO L225 Difference]: With dead ends: 27836 [2025-03-03 14:27:57,881 INFO L226 Difference]: Without dead ends: 18137 [2025-03-03 14:27:57,927 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:57,927 INFO L435 NwaCegarLoop]: 610 mSDtfsCounter, 112 mSDsluCounter, 570 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 1180 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:57,927 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 1180 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:57,946 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 18137 states. [2025-03-03 14:27:58,599 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 18137 to 18129. [2025-03-03 14:27:58,628 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 18129 states, 14817 states have (on average 1.6475669838698792) internal successors, (24412), 14825 states have internal predecessors, (24412), 3279 states have call successors, (3279), 28 states have call predecessors, (3279), 32 states have return successors, (3618), 3277 states have call predecessors, (3618), 3278 states have call successors, (3618) [2025-03-03 14:27:58,695 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18129 states to 18129 states and 31309 transitions. [2025-03-03 14:27:58,704 INFO L78 Accepts]: Start accepts. Automaton has 18129 states and 31309 transitions. Word has length 135 [2025-03-03 14:27:58,704 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:58,704 INFO L471 AbstractCegarLoop]: Abstraction has 18129 states and 31309 transitions. [2025-03-03 14:27:58,705 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 30.333333333333332) internal successors, (91), 3 states have internal predecessors, (91), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:58,705 INFO L276 IsEmpty]: Start isEmpty. Operand 18129 states and 31309 transitions. [2025-03-03 14:27:58,740 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 137 [2025-03-03 14:27:58,740 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:58,740 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:58,740 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:27:58,740 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:58,742 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:58,742 INFO L85 PathProgramCache]: Analyzing trace with hash -714846436, now seen corresponding path program 1 times [2025-03-03 14:27:58,742 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:58,742 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [514623013] [2025-03-03 14:27:58,743 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:58,743 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:58,756 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 136 statements into 1 equivalence classes. [2025-03-03 14:27:58,764 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 136 of 136 statements. [2025-03-03 14:27:58,765 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:58,765 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:58,799 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:58,799 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:58,799 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [514623013] [2025-03-03 14:27:58,799 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [514623013] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:58,799 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:58,799 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:58,800 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [164413998] [2025-03-03 14:27:58,800 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:58,800 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:58,800 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:58,801 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:58,801 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:58,801 INFO L87 Difference]: Start difference. First operand 18129 states and 31309 transitions. Second operand has 3 states, 3 states have (on average 30.666666666666668) internal successors, (92), 3 states have internal predecessors, (92), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:27:59,535 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:59,535 INFO L93 Difference]: Finished difference Result 47863 states and 83019 transitions. [2025-03-03 14:27:59,536 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:59,536 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 30.666666666666668) internal successors, (92), 3 states have internal predecessors, (92), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 136 [2025-03-03 14:27:59,536 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:59,698 INFO L225 Difference]: With dead ends: 47863 [2025-03-03 14:27:59,699 INFO L226 Difference]: Without dead ends: 32307 [2025-03-03 14:27:59,761 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:59,762 INFO L435 NwaCegarLoop]: 603 mSDtfsCounter, 110 mSDsluCounter, 597 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1200 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:59,762 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1200 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:59,792 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 32307 states. [2025-03-03 14:28:00,892 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 32307 to 32299. [2025-03-03 14:28:00,942 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 32299 states, 26537 states have (on average 1.644986245619324) internal successors, (43653), 26545 states have internal predecessors, (43653), 5729 states have call successors, (5729), 28 states have call predecessors, (5729), 32 states have return successors, (6342), 5727 states have call predecessors, (6342), 5728 states have call successors, (6342) [2025-03-03 14:28:01,057 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 32299 states to 32299 states and 55724 transitions. [2025-03-03 14:28:01,073 INFO L78 Accepts]: Start accepts. Automaton has 32299 states and 55724 transitions. Word has length 136 [2025-03-03 14:28:01,074 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:01,074 INFO L471 AbstractCegarLoop]: Abstraction has 32299 states and 55724 transitions. [2025-03-03 14:28:01,074 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 30.666666666666668) internal successors, (92), 3 states have internal predecessors, (92), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:28:01,074 INFO L276 IsEmpty]: Start isEmpty. Operand 32299 states and 55724 transitions. [2025-03-03 14:28:01,119 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 138 [2025-03-03 14:28:01,119 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:01,119 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:01,119 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:28:01,119 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:01,120 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:01,120 INFO L85 PathProgramCache]: Analyzing trace with hash -573710302, now seen corresponding path program 1 times [2025-03-03 14:28:01,120 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:01,120 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1863217658] [2025-03-03 14:28:01,120 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:01,120 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:01,133 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 137 statements into 1 equivalence classes. [2025-03-03 14:28:01,140 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 137 of 137 statements. [2025-03-03 14:28:01,140 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:01,140 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:01,170 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:28:01,170 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:01,170 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1863217658] [2025-03-03 14:28:01,170 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1863217658] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:01,170 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:01,170 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:28:01,170 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1902401970] [2025-03-03 14:28:01,170 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:01,170 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:28:01,170 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:01,171 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:28:01,171 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:28:01,171 INFO L87 Difference]: Start difference. First operand 32299 states and 55724 transitions. Second operand has 3 states, 3 states have (on average 31.0) internal successors, (93), 3 states have internal predecessors, (93), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:28:02,248 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:02,249 INFO L93 Difference]: Finished difference Result 87980 states and 152341 transitions. [2025-03-03 14:28:02,249 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:28:02,249 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 31.0) internal successors, (93), 3 states have internal predecessors, (93), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 137 [2025-03-03 14:28:02,249 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:02,540 INFO L225 Difference]: With dead ends: 87980 [2025-03-03 14:28:02,540 INFO L226 Difference]: Without dead ends: 59121 [2025-03-03 14:28:02,634 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:28:02,634 INFO L435 NwaCegarLoop]: 614 mSDtfsCounter, 108 mSDsluCounter, 598 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 1212 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:02,635 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 1212 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:28:02,682 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59121 states. [2025-03-03 14:28:04,926 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59121 to 59113. [2025-03-03 14:28:05,020 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59113 states, 48838 states have (on average 1.6412015234039068) internal successors, (80153), 48846 states have internal predecessors, (80153), 10242 states have call successors, (10242), 28 states have call predecessors, (10242), 32 states have return successors, (11387), 10240 states have call predecessors, (11387), 10241 states have call successors, (11387) [2025-03-03 14:28:05,435 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59113 states to 59113 states and 101782 transitions. [2025-03-03 14:28:05,466 INFO L78 Accepts]: Start accepts. Automaton has 59113 states and 101782 transitions. Word has length 137 [2025-03-03 14:28:05,466 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:05,466 INFO L471 AbstractCegarLoop]: Abstraction has 59113 states and 101782 transitions. [2025-03-03 14:28:05,467 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 31.0) internal successors, (93), 3 states have internal predecessors, (93), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:28:05,467 INFO L276 IsEmpty]: Start isEmpty. Operand 59113 states and 101782 transitions. [2025-03-03 14:28:05,510 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 139 [2025-03-03 14:28:05,510 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:05,510 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:05,511 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:28:05,511 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:05,511 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:05,511 INFO L85 PathProgramCache]: Analyzing trace with hash 398293693, now seen corresponding path program 1 times [2025-03-03 14:28:05,511 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:05,511 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1141971909] [2025-03-03 14:28:05,512 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:05,512 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:05,527 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 138 statements into 1 equivalence classes. [2025-03-03 14:28:05,535 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 138 of 138 statements. [2025-03-03 14:28:05,535 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:05,535 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:05,766 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:28:05,767 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:05,767 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1141971909] [2025-03-03 14:28:05,767 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1141971909] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:05,767 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:05,767 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:28:05,767 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [771263348] [2025-03-03 14:28:05,767 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:05,769 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:28:05,769 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:05,769 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:28:05,769 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:28:05,770 INFO L87 Difference]: Start difference. First operand 59113 states and 101782 transitions. Second operand has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:28:07,733 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:07,733 INFO L93 Difference]: Finished difference Result 110561 states and 190840 transitions. [2025-03-03 14:28:07,734 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:28:07,734 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 138 [2025-03-03 14:28:07,734 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:08,180 INFO L225 Difference]: With dead ends: 110561 [2025-03-03 14:28:08,180 INFO L226 Difference]: Without dead ends: 110346 [2025-03-03 14:28:08,219 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:28:08,222 INFO L435 NwaCegarLoop]: 612 mSDtfsCounter, 103 mSDsluCounter, 602 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 1214 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:08,222 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 1214 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:28:08,302 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 110346 states. [2025-03-03 14:28:11,176 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 110346 to 110338. [2025-03-03 14:28:11,306 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110338 states, 91695 states have (on average 1.6361524619663013) internal successors, (150027), 91703 states have internal predecessors, (150027), 18610 states have call successors, (18610), 28 states have call predecessors, (18610), 32 states have return successors, (20801), 18608 states have call predecessors, (20801), 18609 states have call successors, (20801) [2025-03-03 14:28:11,780 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110338 states to 110338 states and 189438 transitions. [2025-03-03 14:28:11,821 INFO L78 Accepts]: Start accepts. Automaton has 110338 states and 189438 transitions. Word has length 138 [2025-03-03 14:28:11,821 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:11,821 INFO L471 AbstractCegarLoop]: Abstraction has 110338 states and 189438 transitions. [2025-03-03 14:28:11,822 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:28:11,822 INFO L276 IsEmpty]: Start isEmpty. Operand 110338 states and 189438 transitions. [2025-03-03 14:28:11,884 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 140 [2025-03-03 14:28:11,885 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:11,885 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:11,885 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:28:11,885 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:11,886 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:11,886 INFO L85 PathProgramCache]: Analyzing trace with hash 1264366177, now seen corresponding path program 1 times [2025-03-03 14:28:11,886 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:11,886 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1345911082] [2025-03-03 14:28:11,886 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:11,886 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:11,904 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 139 statements into 1 equivalence classes. [2025-03-03 14:28:12,375 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 139 of 139 statements. [2025-03-03 14:28:12,378 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:12,378 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:12,730 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:28:12,731 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:12,731 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1345911082] [2025-03-03 14:28:12,731 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1345911082] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:12,731 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:12,731 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [14] imperfect sequences [] total 14 [2025-03-03 14:28:12,731 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1768512865] [2025-03-03 14:28:12,731 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:12,732 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2025-03-03 14:28:12,732 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:12,732 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2025-03-03 14:28:12,732 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=25, Invalid=157, Unknown=0, NotChecked=0, Total=182 [2025-03-03 14:28:12,732 INFO L87 Difference]: Start difference. First operand 110338 states and 189438 transitions. Second operand has 14 states, 12 states have (on average 7.916666666666667) internal successors, (95), 12 states have internal predecessors, (95), 6 states have call successors, (17), 3 states have call predecessors, (17), 4 states have return successors, (14), 6 states have call predecessors, (14), 6 states have call successors, (14) [2025-03-03 14:28:17,724 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:17,724 INFO L93 Difference]: Finished difference Result 220021 states and 383167 transitions. [2025-03-03 14:28:17,725 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2025-03-03 14:28:17,725 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 12 states have (on average 7.916666666666667) internal successors, (95), 12 states have internal predecessors, (95), 6 states have call successors, (17), 3 states have call predecessors, (17), 4 states have return successors, (14), 6 states have call predecessors, (14), 6 states have call successors, (14) Word has length 139 [2025-03-03 14:28:17,725 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:18,737 INFO L225 Difference]: With dead ends: 220021 [2025-03-03 14:28:18,738 INFO L226 Difference]: Without dead ends: 219812 [2025-03-03 14:28:18,850 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 109 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=152, Invalid=778, Unknown=0, NotChecked=0, Total=930 [2025-03-03 14:28:18,851 INFO L435 NwaCegarLoop]: 680 mSDtfsCounter, 1740 mSDsluCounter, 7192 mSDsCounter, 0 mSdLazyCounter, 1477 mSolverCounterSat, 532 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1740 SdHoareTripleChecker+Valid, 7872 SdHoareTripleChecker+Invalid, 2009 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 532 IncrementalHoareTripleChecker+Valid, 1477 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:18,852 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1740 Valid, 7872 Invalid, 2009 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [532 Valid, 1477 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2025-03-03 14:28:18,991 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 219812 states. [2025-03-03 14:28:25,808 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 219812 to 219709. [2025-03-03 14:28:25,993 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 219709 states, 182650 states have (on average 1.6367533534081578) internal successors, (298953), 182557 states have internal predecessors, (298953), 36976 states have call successors, (36976), 75 states have call predecessors, (36976), 82 states have return successors, (44634), 37082 states have call predecessors, (44634), 36973 states have call successors, (44634) [2025-03-03 14:28:26,961 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 219709 states to 219709 states and 380563 transitions. [2025-03-03 14:28:27,019 INFO L78 Accepts]: Start accepts. Automaton has 219709 states and 380563 transitions. Word has length 139 [2025-03-03 14:28:27,019 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:27,020 INFO L471 AbstractCegarLoop]: Abstraction has 219709 states and 380563 transitions. [2025-03-03 14:28:27,020 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 12 states have (on average 7.916666666666667) internal successors, (95), 12 states have internal predecessors, (95), 6 states have call successors, (17), 3 states have call predecessors, (17), 4 states have return successors, (14), 6 states have call predecessors, (14), 6 states have call successors, (14) [2025-03-03 14:28:27,020 INFO L276 IsEmpty]: Start isEmpty. Operand 219709 states and 380563 transitions. [2025-03-03 14:28:27,160 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 141 [2025-03-03 14:28:27,160 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:27,160 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:27,161 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-03 14:28:27,161 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:27,161 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:27,161 INFO L85 PathProgramCache]: Analyzing trace with hash -198202894, now seen corresponding path program 1 times [2025-03-03 14:28:27,161 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:27,161 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [560414336] [2025-03-03 14:28:27,162 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:27,162 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:27,178 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 140 statements into 1 equivalence classes. [2025-03-03 14:28:27,187 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 140 of 140 statements. [2025-03-03 14:28:27,188 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:27,188 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:27,289 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:28:27,289 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:27,290 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [560414336] [2025-03-03 14:28:27,290 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [560414336] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:27,290 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:27,290 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:28:27,290 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [862003941] [2025-03-03 14:28:27,290 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:27,291 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:28:27,291 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:27,291 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:28:27,291 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:28:27,292 INFO L87 Difference]: Start difference. First operand 219709 states and 380563 transitions. Second operand has 5 states, 5 states have (on average 19.2) internal successors, (96), 5 states have internal predecessors, (96), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14)