./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec6_product21.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e2fb8bed Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec6_product21.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 7cf7ce6a809409f6f4ca5aec26ee44d6ee6c1bd8459af1b8b074817ec65bb1ea --- Real Ultimate output --- This is Ultimate 0.3.0-?-e2fb8be-m [2025-03-08 05:35:01,330 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-08 05:35:01,381 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-08 05:35:01,387 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-08 05:35:01,388 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-08 05:35:01,409 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-08 05:35:01,410 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-08 05:35:01,410 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-08 05:35:01,410 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-08 05:35:01,410 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-08 05:35:01,411 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-08 05:35:01,411 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-08 05:35:01,411 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-08 05:35:01,411 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-08 05:35:01,411 INFO L153 SettingsManager]: * Use SBE=true [2025-03-08 05:35:01,411 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-08 05:35:01,411 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-08 05:35:01,411 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-08 05:35:01,411 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-08 05:35:01,411 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-08 05:35:01,411 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-08 05:35:01,411 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-08 05:35:01,412 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:35:01,412 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-08 05:35:01,412 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-08 05:35:01,413 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-08 05:35:01,413 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-08 05:35:01,413 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-08 05:35:01,413 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-08 05:35:01,413 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 7cf7ce6a809409f6f4ca5aec26ee44d6ee6c1bd8459af1b8b074817ec65bb1ea [2025-03-08 05:35:01,681 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-08 05:35:01,693 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-08 05:35:01,695 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-08 05:35:01,696 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-08 05:35:01,697 INFO L274 PluginConnector]: CDTParser initialized [2025-03-08 05:35:01,697 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec6_product21.cil.c [2025-03-08 05:35:02,909 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/45905a0c8/dd369c0e5a7644f193701e98fa2461b4/FLAG5f23ecd2e [2025-03-08 05:35:03,251 INFO L384 CDTParser]: Found 1 translation units. [2025-03-08 05:35:03,252 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec6_product21.cil.c [2025-03-08 05:35:03,270 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/45905a0c8/dd369c0e5a7644f193701e98fa2461b4/FLAG5f23ecd2e [2025-03-08 05:35:03,287 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/45905a0c8/dd369c0e5a7644f193701e98fa2461b4 [2025-03-08 05:35:03,289 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-08 05:35:03,290 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-08 05:35:03,292 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-08 05:35:03,292 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-08 05:35:03,295 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-08 05:35:03,296 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:03,297 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@368966a1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03, skipping insertion in model container [2025-03-08 05:35:03,298 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:03,346 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-08 05:35:03,692 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec6_product21.cil.c[54302,54315] [2025-03-08 05:35:03,745 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:35:03,766 INFO L200 MainTranslator]: Completed pre-run [2025-03-08 05:35:03,773 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [48] [2025-03-08 05:35:03,775 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EncryptDecrypt_spec.i","") [66] [2025-03-08 05:35:03,775 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [129] [2025-03-08 05:35:03,775 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [239] [2025-03-08 05:35:03,775 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [562] [2025-03-08 05:35:03,775 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1634] [2025-03-08 05:35:03,776 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [1672] [2025-03-08 05:35:03,776 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [1901] [2025-03-08 05:35:03,776 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [2189] [2025-03-08 05:35:03,776 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [2592] [2025-03-08 05:35:03,777 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [2601] [2025-03-08 05:35:03,847 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec6_product21.cil.c[54302,54315] [2025-03-08 05:35:03,861 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-08 05:35:03,888 INFO L204 MainTranslator]: Completed translation [2025-03-08 05:35:03,888 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03 WrapperNode [2025-03-08 05:35:03,889 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-08 05:35:03,890 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-08 05:35:03,890 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-08 05:35:03,891 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-08 05:35:03,897 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:03,920 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:03,964 INFO L138 Inliner]: procedures = 129, calls = 202, calls flagged for inlining = 56, calls inlined = 53, statements flattened = 1048 [2025-03-08 05:35:03,964 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-08 05:35:03,965 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-08 05:35:03,965 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-08 05:35:03,965 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-08 05:35:03,971 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:03,972 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:03,977 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:04,016 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-08 05:35:04,016 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:04,016 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:04,040 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:04,041 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:04,050 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:04,052 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:04,057 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-08 05:35:04,058 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-08 05:35:04,058 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-08 05:35:04,058 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-08 05:35:04,061 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (1/1) ... [2025-03-08 05:35:04,065 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-08 05:35:04,077 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:35:04,091 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-08 05:35:04,094 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-08 05:35:04,113 INFO L130 BoogieDeclarations]: Found specification of procedure getClientPrivateKey [2025-03-08 05:35:04,113 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientPrivateKey [2025-03-08 05:35:04,113 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-08 05:35:04,113 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-08 05:35:04,113 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-08 05:35:04,113 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-08 05:35:04,113 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-08 05:35:04,113 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-08 05:35:04,113 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-08 05:35:04,113 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-08 05:35:04,113 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-08 05:35:04,113 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure isKeyPairValid [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure isKeyPairValid [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-08 05:35:04,114 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-08 05:35:04,114 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-08 05:35:04,116 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-08 05:35:04,116 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-08 05:35:04,116 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-08 05:35:04,116 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-08 05:35:04,116 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-08 05:35:04,116 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-08 05:35:04,117 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-08 05:35:04,117 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-08 05:35:04,117 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-08 05:35:04,117 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-08 05:35:04,117 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-08 05:35:04,117 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-08 05:35:04,117 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-08 05:35:04,118 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-08 05:35:04,118 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-08 05:35:04,118 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-08 05:35:04,294 INFO L256 CfgBuilder]: Building ICFG [2025-03-08 05:35:04,296 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-08 05:35:04,395 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L530: #res := ~retValue_acc~9; [2025-03-08 05:35:04,432 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1268: #res#1 := ~retValue_acc~21#1; [2025-03-08 05:35:04,433 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1223-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~20#1; [2025-03-08 05:35:04,634 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L2273-1: getEmailFrom_#res#1 := getEmailFrom_~retValue_acc~32#1; [2025-03-08 05:35:04,636 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L192-1: isReadable__wrappee__Keys_#res#1 := isReadable__wrappee__Keys_~retValue_acc~1#1; [2025-03-08 05:35:04,636 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1564-1: getClientForwardReceiver_#res#1 := getClientForwardReceiver_~retValue_acc~25#1; [2025-03-08 05:35:04,636 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L212-1: isReadable_#res#1 := isReadable_~retValue_acc~2#1; [2025-03-08 05:35:04,636 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1492-1: findPublicKey_#res#1 := findPublicKey_~retValue_acc~24#1; [2025-03-08 05:35:04,636 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L2236-1: getEmailId_#res#1 := getEmailId_~retValue_acc~31#1; [2025-03-08 05:35:04,636 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1611-1: getClientId_#res#1 := getClientId_~retValue_acc~26#1; [2025-03-08 05:35:04,649 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1176: #res := ~retValue_acc~19; [2025-03-08 05:35:04,657 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L236-1: createEmail_#res#1 := createEmail_~retValue_acc~4#1; [2025-03-08 05:35:04,668 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L720: #res := ~retValue_acc~13; [2025-03-08 05:35:04,678 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L2425: #res := ~retValue_acc~36; [2025-03-08 05:35:04,709 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L2462: #res := ~retValue_acc~37; [2025-03-08 05:35:04,730 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L2310: #res := ~retValue_acc~33; [2025-03-08 05:35:04,785 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1046: #res := ~retValue_acc~17; [2025-03-08 05:35:05,054 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L487-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~6#1; [2025-03-08 05:35:05,055 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L505-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~8#1; [2025-03-08 05:35:05,055 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1331-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~22#1; [2025-03-08 05:35:05,055 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L496-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~7#1; [2025-03-08 05:35:05,055 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1669-1: valid_product_#res#1 := valid_product_~retValue_acc~28#1; [2025-03-08 05:35:05,055 INFO L1307 $ProcedureCfgBuilder]: dead code at ProgramPoint L1438-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~23#1; [2025-03-08 05:35:05,167 INFO L? ?]: Removed 519 outVars from TransFormulas that were not future-live. [2025-03-08 05:35:05,167 INFO L307 CfgBuilder]: Performing block encoding [2025-03-08 05:35:05,184 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-08 05:35:05,184 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-08 05:35:05,185 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:35:05 BoogieIcfgContainer [2025-03-08 05:35:05,185 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-08 05:35:05,187 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-08 05:35:05,188 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-08 05:35:05,191 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-08 05:35:05,191 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.03 05:35:03" (1/3) ... [2025-03-08 05:35:05,192 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@76c04cfc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:35:05, skipping insertion in model container [2025-03-08 05:35:05,192 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.03 05:35:03" (2/3) ... [2025-03-08 05:35:05,192 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@76c04cfc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.03 05:35:05, skipping insertion in model container [2025-03-08 05:35:05,192 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 08.03 05:35:05" (3/3) ... [2025-03-08 05:35:05,192 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec6_product21.cil.c [2025-03-08 05:35:05,203 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-08 05:35:05,206 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec6_product21.cil.c that has 24 procedures, 387 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-08 05:35:05,260 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-08 05:35:05,270 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@bc09732, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-08 05:35:05,270 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-08 05:35:05,275 INFO L276 IsEmpty]: Start isEmpty. Operand has 387 states, 301 states have (on average 1.558139534883721) internal successors, (469), 306 states have internal predecessors, (469), 61 states have call successors, (61), 23 states have call predecessors, (61), 23 states have return successors, (61), 60 states have call predecessors, (61), 61 states have call successors, (61) [2025-03-08 05:35:05,288 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2025-03-08 05:35:05,288 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:05,288 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:05,289 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:05,292 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:05,292 INFO L85 PathProgramCache]: Analyzing trace with hash 2094362246, now seen corresponding path program 1 times [2025-03-08 05:35:05,297 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:05,297 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [895193679] [2025-03-08 05:35:05,297 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:05,298 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:05,386 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 123 statements into 1 equivalence classes. [2025-03-08 05:35:05,437 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 123 of 123 statements. [2025-03-08 05:35:05,439 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:05,439 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:05,878 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2025-03-08 05:35:05,879 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:05,879 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [895193679] [2025-03-08 05:35:05,879 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [895193679] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:35:05,880 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [464507142] [2025-03-08 05:35:05,880 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:05,880 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:35:05,880 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:35:05,882 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:35:05,883 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-08 05:35:06,037 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 123 statements into 1 equivalence classes. [2025-03-08 05:35:06,162 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 123 of 123 statements. [2025-03-08 05:35:06,162 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:06,162 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:06,167 INFO L256 TraceCheckSpWp]: Trace formula consists of 1108 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-08 05:35:06,173 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:35:06,206 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-08 05:35:06,207 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-08 05:35:06,207 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [464507142] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:06,207 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-08 05:35:06,207 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-08 05:35:06,209 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [670317208] [2025-03-08 05:35:06,209 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:06,212 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:06,212 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:06,235 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:06,235 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:35:06,238 INFO L87 Difference]: Start difference. First operand has 387 states, 301 states have (on average 1.558139534883721) internal successors, (469), 306 states have internal predecessors, (469), 61 states have call successors, (61), 23 states have call predecessors, (61), 23 states have return successors, (61), 60 states have call predecessors, (61), 61 states have call successors, (61) Second operand has 3 states, 3 states have (on average 23.333333333333332) internal successors, (70), 3 states have internal predecessors, (70), 2 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:06,316 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:06,316 INFO L93 Difference]: Finished difference Result 584 states and 878 transitions. [2025-03-08 05:35:06,320 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:06,321 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 23.333333333333332) internal successors, (70), 3 states have internal predecessors, (70), 2 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) Word has length 123 [2025-03-08 05:35:06,322 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:06,334 INFO L225 Difference]: With dead ends: 584 [2025-03-08 05:35:06,335 INFO L226 Difference]: Without dead ends: 381 [2025-03-08 05:35:06,342 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 127 GetRequests, 123 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:35:06,343 INFO L435 NwaCegarLoop]: 587 mSDtfsCounter, 0 mSDsluCounter, 584 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1171 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:06,344 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1171 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:06,355 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 381 states. [2025-03-08 05:35:06,389 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 381 to 381. [2025-03-08 05:35:06,391 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 381 states, 296 states have (on average 1.554054054054054) internal successors, (460), 300 states have internal predecessors, (460), 61 states have call successors, (61), 23 states have call predecessors, (61), 23 states have return successors, (60), 59 states have call predecessors, (60), 60 states have call successors, (60) [2025-03-08 05:35:06,400 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 381 states to 381 states and 581 transitions. [2025-03-08 05:35:06,403 INFO L78 Accepts]: Start accepts. Automaton has 381 states and 581 transitions. Word has length 123 [2025-03-08 05:35:06,404 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:06,404 INFO L471 AbstractCegarLoop]: Abstraction has 381 states and 581 transitions. [2025-03-08 05:35:06,405 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 23.333333333333332) internal successors, (70), 3 states have internal predecessors, (70), 2 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:06,405 INFO L276 IsEmpty]: Start isEmpty. Operand 381 states and 581 transitions. [2025-03-08 05:35:06,410 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 128 [2025-03-08 05:35:06,410 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:06,411 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:06,419 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-08 05:35:06,612 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-08 05:35:06,612 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:06,613 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:06,613 INFO L85 PathProgramCache]: Analyzing trace with hash -1607110018, now seen corresponding path program 1 times [2025-03-08 05:35:06,613 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:06,613 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [888460134] [2025-03-08 05:35:06,613 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:06,613 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:06,651 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-03-08 05:35:06,668 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-03-08 05:35:06,669 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:06,669 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:06,900 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 27 trivial. 0 not checked. [2025-03-08 05:35:06,901 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:06,901 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [888460134] [2025-03-08 05:35:06,901 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [888460134] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:35:06,901 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [614326073] [2025-03-08 05:35:06,901 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:06,901 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:35:06,901 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:35:06,903 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:35:06,905 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-08 05:35:07,063 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-03-08 05:35:07,199 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-03-08 05:35:07,200 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:07,200 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:07,207 INFO L256 TraceCheckSpWp]: Trace formula consists of 1119 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-08 05:35:07,214 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:35:07,236 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-08 05:35:07,236 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-08 05:35:07,236 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [614326073] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:07,236 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-08 05:35:07,236 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-08 05:35:07,237 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [312991100] [2025-03-08 05:35:07,237 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:07,238 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:07,238 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:07,238 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:07,239 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:35:07,239 INFO L87 Difference]: Start difference. First operand 381 states and 581 transitions. Second operand has 3 states, 3 states have (on average 24.666666666666668) internal successors, (74), 3 states have internal predecessors, (74), 2 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:07,302 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:07,305 INFO L93 Difference]: Finished difference Result 809 states and 1253 transitions. [2025-03-08 05:35:07,305 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:07,306 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 24.666666666666668) internal successors, (74), 3 states have internal predecessors, (74), 2 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) Word has length 127 [2025-03-08 05:35:07,306 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:07,310 INFO L225 Difference]: With dead ends: 809 [2025-03-08 05:35:07,311 INFO L226 Difference]: Without dead ends: 454 [2025-03-08 05:35:07,312 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 131 GetRequests, 127 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:35:07,313 INFO L435 NwaCegarLoop]: 592 mSDtfsCounter, 134 mSDsluCounter, 533 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 152 SdHoareTripleChecker+Valid, 1125 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:07,314 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [152 Valid, 1125 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:07,315 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 454 states. [2025-03-08 05:35:07,337 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 454 to 446. [2025-03-08 05:35:07,338 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 446 states, 347 states have (on average 1.5763688760806915) internal successors, (547), 351 states have internal predecessors, (547), 75 states have call successors, (75), 23 states have call predecessors, (75), 23 states have return successors, (74), 73 states have call predecessors, (74), 74 states have call successors, (74) [2025-03-08 05:35:07,342 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 446 states to 446 states and 696 transitions. [2025-03-08 05:35:07,343 INFO L78 Accepts]: Start accepts. Automaton has 446 states and 696 transitions. Word has length 127 [2025-03-08 05:35:07,343 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:07,344 INFO L471 AbstractCegarLoop]: Abstraction has 446 states and 696 transitions. [2025-03-08 05:35:07,344 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 24.666666666666668) internal successors, (74), 3 states have internal predecessors, (74), 2 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:07,345 INFO L276 IsEmpty]: Start isEmpty. Operand 446 states and 696 transitions. [2025-03-08 05:35:07,349 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 129 [2025-03-08 05:35:07,350 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:07,350 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:07,361 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2025-03-08 05:35:07,554 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-08 05:35:07,555 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:07,555 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:07,556 INFO L85 PathProgramCache]: Analyzing trace with hash 117839033, now seen corresponding path program 1 times [2025-03-08 05:35:07,556 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:07,557 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1567786048] [2025-03-08 05:35:07,557 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:07,557 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:07,591 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 128 statements into 1 equivalence classes. [2025-03-08 05:35:07,602 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 128 of 128 statements. [2025-03-08 05:35:07,605 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:07,605 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:07,826 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 27 trivial. 0 not checked. [2025-03-08 05:35:07,826 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:07,826 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1567786048] [2025-03-08 05:35:07,827 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1567786048] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:35:07,827 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1494814712] [2025-03-08 05:35:07,827 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:07,827 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:35:07,827 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:35:07,831 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:35:07,832 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-08 05:35:07,971 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 128 statements into 1 equivalence classes. [2025-03-08 05:35:08,080 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 128 of 128 statements. [2025-03-08 05:35:08,080 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:08,080 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:08,086 INFO L256 TraceCheckSpWp]: Trace formula consists of 1124 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-08 05:35:08,093 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:35:08,146 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2025-03-08 05:35:08,147 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-08 05:35:08,147 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1494814712] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:08,147 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-08 05:35:08,147 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-08 05:35:08,147 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1350277390] [2025-03-08 05:35:08,147 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:08,147 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:35:08,147 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:08,148 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:35:08,148 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-08 05:35:08,148 INFO L87 Difference]: Start difference. First operand 446 states and 696 transitions. Second operand has 5 states, 4 states have (on average 21.0) internal successors, (84), 5 states have internal predecessors, (84), 3 states have call successors, (19), 2 states have call predecessors, (19), 3 states have return successors, (16), 2 states have call predecessors, (16), 3 states have call successors, (16) [2025-03-08 05:35:08,224 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:08,227 INFO L93 Difference]: Finished difference Result 883 states and 1382 transitions. [2025-03-08 05:35:08,228 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:35:08,228 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 21.0) internal successors, (84), 5 states have internal predecessors, (84), 3 states have call successors, (19), 2 states have call predecessors, (19), 3 states have return successors, (16), 2 states have call predecessors, (16), 3 states have call successors, (16) Word has length 128 [2025-03-08 05:35:08,228 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:08,231 INFO L225 Difference]: With dead ends: 883 [2025-03-08 05:35:08,233 INFO L226 Difference]: Without dead ends: 448 [2025-03-08 05:35:08,235 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 132 GetRequests, 126 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-08 05:35:08,236 INFO L435 NwaCegarLoop]: 572 mSDtfsCounter, 2 mSDsluCounter, 1705 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2277 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:08,236 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2277 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:08,240 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 448 states. [2025-03-08 05:35:08,262 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 448 to 448. [2025-03-08 05:35:08,264 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 448 states, 348 states have (on average 1.5747126436781609) internal successors, (548), 353 states have internal predecessors, (548), 75 states have call successors, (75), 23 states have call predecessors, (75), 24 states have return successors, (76), 73 states have call predecessors, (76), 74 states have call successors, (76) [2025-03-08 05:35:08,269 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 448 states to 448 states and 699 transitions. [2025-03-08 05:35:08,270 INFO L78 Accepts]: Start accepts. Automaton has 448 states and 699 transitions. Word has length 128 [2025-03-08 05:35:08,271 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:08,271 INFO L471 AbstractCegarLoop]: Abstraction has 448 states and 699 transitions. [2025-03-08 05:35:08,271 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 21.0) internal successors, (84), 5 states have internal predecessors, (84), 3 states have call successors, (19), 2 states have call predecessors, (19), 3 states have return successors, (16), 2 states have call predecessors, (16), 3 states have call successors, (16) [2025-03-08 05:35:08,272 INFO L276 IsEmpty]: Start isEmpty. Operand 448 states and 699 transitions. [2025-03-08 05:35:08,274 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 149 [2025-03-08 05:35:08,276 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:08,276 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:08,286 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2025-03-08 05:35:08,476 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:35:08,478 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:08,478 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:08,478 INFO L85 PathProgramCache]: Analyzing trace with hash 851538288, now seen corresponding path program 1 times [2025-03-08 05:35:08,478 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:08,479 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1764181351] [2025-03-08 05:35:08,479 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:08,479 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:08,501 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 148 statements into 1 equivalence classes. [2025-03-08 05:35:08,525 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 148 of 148 statements. [2025-03-08 05:35:08,525 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:08,525 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:08,684 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 33 trivial. 0 not checked. [2025-03-08 05:35:08,685 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:08,685 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1764181351] [2025-03-08 05:35:08,685 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1764181351] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:35:08,685 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [171665844] [2025-03-08 05:35:08,685 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:08,685 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:35:08,685 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:35:08,688 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:35:08,689 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-08 05:35:08,826 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 148 statements into 1 equivalence classes. [2025-03-08 05:35:08,926 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 148 of 148 statements. [2025-03-08 05:35:08,926 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:08,926 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:08,930 INFO L256 TraceCheckSpWp]: Trace formula consists of 1203 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-08 05:35:08,934 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:35:08,979 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2025-03-08 05:35:08,979 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-08 05:35:08,979 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [171665844] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:08,979 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-08 05:35:08,979 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-08 05:35:08,979 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1570586956] [2025-03-08 05:35:08,980 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:08,980 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:35:08,980 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:08,981 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:35:08,982 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-08 05:35:08,982 INFO L87 Difference]: Start difference. First operand 448 states and 699 transitions. Second operand has 5 states, 5 states have (on average 18.6) internal successors, (93), 5 states have internal predecessors, (93), 3 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 3 states have call predecessors, (19), 3 states have call successors, (19) [2025-03-08 05:35:09,043 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:09,043 INFO L93 Difference]: Finished difference Result 885 states and 1387 transitions. [2025-03-08 05:35:09,044 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:35:09,044 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 18.6) internal successors, (93), 5 states have internal predecessors, (93), 3 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 3 states have call predecessors, (19), 3 states have call successors, (19) Word has length 148 [2025-03-08 05:35:09,044 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:09,046 INFO L225 Difference]: With dead ends: 885 [2025-03-08 05:35:09,046 INFO L226 Difference]: Without dead ends: 450 [2025-03-08 05:35:09,050 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 155 GetRequests, 146 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-08 05:35:09,052 INFO L435 NwaCegarLoop]: 570 mSDtfsCounter, 2 mSDsluCounter, 1693 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2263 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:09,052 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2263 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:09,053 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 450 states. [2025-03-08 05:35:09,074 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 450 to 450. [2025-03-08 05:35:09,075 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 450 states, 349 states have (on average 1.5730659025787965) internal successors, (549), 355 states have internal predecessors, (549), 75 states have call successors, (75), 23 states have call predecessors, (75), 25 states have return successors, (81), 73 states have call predecessors, (81), 74 states have call successors, (81) [2025-03-08 05:35:09,077 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 450 states to 450 states and 705 transitions. [2025-03-08 05:35:09,078 INFO L78 Accepts]: Start accepts. Automaton has 450 states and 705 transitions. Word has length 148 [2025-03-08 05:35:09,079 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:09,079 INFO L471 AbstractCegarLoop]: Abstraction has 450 states and 705 transitions. [2025-03-08 05:35:09,079 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 18.6) internal successors, (93), 5 states have internal predecessors, (93), 3 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 3 states have call predecessors, (19), 3 states have call successors, (19) [2025-03-08 05:35:09,079 INFO L276 IsEmpty]: Start isEmpty. Operand 450 states and 705 transitions. [2025-03-08 05:35:09,081 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 131 [2025-03-08 05:35:09,081 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:09,082 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:09,094 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2025-03-08 05:35:09,282 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:35:09,283 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:09,283 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:09,283 INFO L85 PathProgramCache]: Analyzing trace with hash -1220407729, now seen corresponding path program 1 times [2025-03-08 05:35:09,283 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:09,283 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1504821974] [2025-03-08 05:35:09,283 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:09,284 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:09,305 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 130 statements into 1 equivalence classes. [2025-03-08 05:35:09,311 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 130 of 130 statements. [2025-03-08 05:35:09,312 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:09,312 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:09,453 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 27 trivial. 0 not checked. [2025-03-08 05:35:09,453 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:09,453 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1504821974] [2025-03-08 05:35:09,453 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1504821974] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:09,453 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:09,453 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:35:09,453 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [453891773] [2025-03-08 05:35:09,453 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:09,454 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:35:09,454 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:09,455 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:35:09,455 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:35:09,455 INFO L87 Difference]: Start difference. First operand 450 states and 705 transitions. Second operand has 5 states, 4 states have (on average 20.5) internal successors, (82), 5 states have internal predecessors, (82), 3 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 2 states have call predecessors, (16), 3 states have call successors, (16) [2025-03-08 05:35:09,493 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:09,493 INFO L93 Difference]: Finished difference Result 877 states and 1378 transitions. [2025-03-08 05:35:09,494 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:35:09,494 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 20.5) internal successors, (82), 5 states have internal predecessors, (82), 3 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 2 states have call predecessors, (16), 3 states have call successors, (16) Word has length 130 [2025-03-08 05:35:09,494 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:09,497 INFO L225 Difference]: With dead ends: 877 [2025-03-08 05:35:09,497 INFO L226 Difference]: Without dead ends: 450 [2025-03-08 05:35:09,498 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:35:09,499 INFO L435 NwaCegarLoop]: 573 mSDtfsCounter, 2 mSDsluCounter, 1708 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2281 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:09,499 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2281 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:09,499 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 450 states. [2025-03-08 05:35:09,519 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 450 to 450. [2025-03-08 05:35:09,521 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 450 states, 349 states have (on average 1.5730659025787965) internal successors, (549), 355 states have internal predecessors, (549), 75 states have call successors, (75), 23 states have call predecessors, (75), 25 states have return successors, (80), 73 states have call predecessors, (80), 74 states have call successors, (80) [2025-03-08 05:35:09,523 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 450 states to 450 states and 704 transitions. [2025-03-08 05:35:09,524 INFO L78 Accepts]: Start accepts. Automaton has 450 states and 704 transitions. Word has length 130 [2025-03-08 05:35:09,524 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:09,524 INFO L471 AbstractCegarLoop]: Abstraction has 450 states and 704 transitions. [2025-03-08 05:35:09,524 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 20.5) internal successors, (82), 5 states have internal predecessors, (82), 3 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 2 states have call predecessors, (16), 3 states have call successors, (16) [2025-03-08 05:35:09,524 INFO L276 IsEmpty]: Start isEmpty. Operand 450 states and 704 transitions. [2025-03-08 05:35:09,526 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 132 [2025-03-08 05:35:09,526 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:09,526 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:09,526 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2025-03-08 05:35:09,526 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:09,527 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:09,527 INFO L85 PathProgramCache]: Analyzing trace with hash -1065356227, now seen corresponding path program 2 times [2025-03-08 05:35:09,527 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:09,527 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1252289861] [2025-03-08 05:35:09,527 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-08 05:35:09,527 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:09,547 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 131 statements into 2 equivalence classes. [2025-03-08 05:35:09,563 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 131 of 131 statements. [2025-03-08 05:35:09,563 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-08 05:35:09,564 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:09,667 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-08 05:35:09,668 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:09,668 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1252289861] [2025-03-08 05:35:09,668 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1252289861] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:09,668 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:09,668 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:35:09,668 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2054440093] [2025-03-08 05:35:09,668 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:09,669 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:35:09,669 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:09,670 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:35:09,670 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:35:09,670 INFO L87 Difference]: Start difference. First operand 450 states and 704 transitions. Second operand has 5 states, 5 states have (on average 16.4) internal successors, (82), 5 states have internal predecessors, (82), 3 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) [2025-03-08 05:35:09,715 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:09,715 INFO L93 Difference]: Finished difference Result 875 states and 1373 transitions. [2025-03-08 05:35:09,716 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:35:09,716 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 16.4) internal successors, (82), 5 states have internal predecessors, (82), 3 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) Word has length 131 [2025-03-08 05:35:09,717 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:09,722 INFO L225 Difference]: With dead ends: 875 [2025-03-08 05:35:09,722 INFO L226 Difference]: Without dead ends: 450 [2025-03-08 05:35:09,723 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:35:09,724 INFO L435 NwaCegarLoop]: 571 mSDtfsCounter, 2 mSDsluCounter, 1696 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2267 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:09,724 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2267 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:09,725 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 450 states. [2025-03-08 05:35:09,744 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 450 to 450. [2025-03-08 05:35:09,745 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 450 states, 349 states have (on average 1.5730659025787965) internal successors, (549), 355 states have internal predecessors, (549), 75 states have call successors, (75), 23 states have call predecessors, (75), 25 states have return successors, (79), 73 states have call predecessors, (79), 74 states have call successors, (79) [2025-03-08 05:35:09,747 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 450 states to 450 states and 703 transitions. [2025-03-08 05:35:09,748 INFO L78 Accepts]: Start accepts. Automaton has 450 states and 703 transitions. Word has length 131 [2025-03-08 05:35:09,748 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:09,748 INFO L471 AbstractCegarLoop]: Abstraction has 450 states and 703 transitions. [2025-03-08 05:35:09,749 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 16.4) internal successors, (82), 5 states have internal predecessors, (82), 3 states have call successors, (19), 2 states have call predecessors, (19), 2 states have return successors, (16), 3 states have call predecessors, (16), 3 states have call successors, (16) [2025-03-08 05:35:09,749 INFO L276 IsEmpty]: Start isEmpty. Operand 450 states and 703 transitions. [2025-03-08 05:35:09,764 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 152 [2025-03-08 05:35:09,764 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:09,764 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:09,764 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-08 05:35:09,764 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:09,765 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:09,765 INFO L85 PathProgramCache]: Analyzing trace with hash 630287256, now seen corresponding path program 1 times [2025-03-08 05:35:09,765 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:09,765 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [750593038] [2025-03-08 05:35:09,765 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:09,765 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:09,786 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 151 statements into 1 equivalence classes. [2025-03-08 05:35:09,792 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 151 of 151 statements. [2025-03-08 05:35:09,792 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:09,792 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:09,913 INFO L134 CoverageAnalysis]: Checked inductivity of 47 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 40 trivial. 0 not checked. [2025-03-08 05:35:09,914 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:09,914 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [750593038] [2025-03-08 05:35:09,914 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [750593038] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:09,914 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:09,914 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:35:09,914 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1767038991] [2025-03-08 05:35:09,914 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:09,915 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:35:09,915 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:09,915 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:35:09,915 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:35:09,916 INFO L87 Difference]: Start difference. First operand 450 states and 703 transitions. Second operand has 5 states, 4 states have (on average 22.5) internal successors, (90), 5 states have internal predecessors, (90), 3 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 3 states have call successors, (19) [2025-03-08 05:35:09,953 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:09,953 INFO L93 Difference]: Finished difference Result 879 states and 1379 transitions. [2025-03-08 05:35:09,954 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:35:09,954 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 22.5) internal successors, (90), 5 states have internal predecessors, (90), 3 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 3 states have call successors, (19) Word has length 151 [2025-03-08 05:35:09,955 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:09,957 INFO L225 Difference]: With dead ends: 879 [2025-03-08 05:35:09,958 INFO L226 Difference]: Without dead ends: 452 [2025-03-08 05:35:09,959 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:35:09,960 INFO L435 NwaCegarLoop]: 574 mSDtfsCounter, 1 mSDsluCounter, 1710 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2284 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:09,961 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2284 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:09,962 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 452 states. [2025-03-08 05:35:09,979 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 452 to 452. [2025-03-08 05:35:09,980 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 452 states, 350 states have (on average 1.5714285714285714) internal successors, (550), 357 states have internal predecessors, (550), 75 states have call successors, (75), 23 states have call predecessors, (75), 26 states have return successors, (81), 73 states have call predecessors, (81), 74 states have call successors, (81) [2025-03-08 05:35:09,983 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 452 states to 452 states and 706 transitions. [2025-03-08 05:35:09,984 INFO L78 Accepts]: Start accepts. Automaton has 452 states and 706 transitions. Word has length 151 [2025-03-08 05:35:09,984 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:09,984 INFO L471 AbstractCegarLoop]: Abstraction has 452 states and 706 transitions. [2025-03-08 05:35:09,985 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 22.5) internal successors, (90), 5 states have internal predecessors, (90), 3 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 3 states have call successors, (19) [2025-03-08 05:35:09,985 INFO L276 IsEmpty]: Start isEmpty. Operand 452 states and 706 transitions. [2025-03-08 05:35:09,987 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 134 [2025-03-08 05:35:09,987 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:09,987 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:09,987 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-08 05:35:09,988 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:09,988 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:09,988 INFO L85 PathProgramCache]: Analyzing trace with hash 1148541202, now seen corresponding path program 1 times [2025-03-08 05:35:09,988 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:09,988 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [573102588] [2025-03-08 05:35:09,988 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:09,989 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:10,009 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 133 statements into 1 equivalence classes. [2025-03-08 05:35:10,016 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 133 of 133 statements. [2025-03-08 05:35:10,017 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:10,017 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:10,159 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2025-03-08 05:35:10,159 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:10,159 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [573102588] [2025-03-08 05:35:10,160 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [573102588] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:10,160 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:10,160 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-08 05:35:10,160 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [299651826] [2025-03-08 05:35:10,160 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:10,160 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-08 05:35:10,160 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:10,161 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-08 05:35:10,161 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-08 05:35:10,161 INFO L87 Difference]: Start difference. First operand 452 states and 706 transitions. Second operand has 8 states, 7 states have (on average 12.571428571428571) internal successors, (88), 8 states have internal predecessors, (88), 4 states have call successors, (19), 2 states have call predecessors, (19), 3 states have return successors, (16), 3 states have call predecessors, (16), 4 states have call successors, (16) [2025-03-08 05:35:10,282 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:10,283 INFO L93 Difference]: Finished difference Result 884 states and 1388 transitions. [2025-03-08 05:35:10,284 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-08 05:35:10,284 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 12.571428571428571) internal successors, (88), 8 states have internal predecessors, (88), 4 states have call successors, (19), 2 states have call predecessors, (19), 3 states have return successors, (16), 3 states have call predecessors, (16), 4 states have call successors, (16) Word has length 133 [2025-03-08 05:35:10,285 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:10,287 INFO L225 Difference]: With dead ends: 884 [2025-03-08 05:35:10,288 INFO L226 Difference]: Without dead ends: 457 [2025-03-08 05:35:10,290 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2025-03-08 05:35:10,290 INFO L435 NwaCegarLoop]: 566 mSDtfsCounter, 5 mSDsluCounter, 3367 mSDsCounter, 0 mSdLazyCounter, 164 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 6 SdHoareTripleChecker+Valid, 3933 SdHoareTripleChecker+Invalid, 169 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 164 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:10,290 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [6 Valid, 3933 Invalid, 169 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 164 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:35:10,292 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 457 states. [2025-03-08 05:35:10,307 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 457 to 457. [2025-03-08 05:35:10,308 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 457 states, 354 states have (on average 1.5677966101694916) internal successors, (555), 361 states have internal predecessors, (555), 75 states have call successors, (75), 24 states have call predecessors, (75), 27 states have return successors, (86), 73 states have call predecessors, (86), 74 states have call successors, (86) [2025-03-08 05:35:10,311 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 457 states to 457 states and 716 transitions. [2025-03-08 05:35:10,311 INFO L78 Accepts]: Start accepts. Automaton has 457 states and 716 transitions. Word has length 133 [2025-03-08 05:35:10,312 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:10,312 INFO L471 AbstractCegarLoop]: Abstraction has 457 states and 716 transitions. [2025-03-08 05:35:10,313 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 12.571428571428571) internal successors, (88), 8 states have internal predecessors, (88), 4 states have call successors, (19), 2 states have call predecessors, (19), 3 states have return successors, (16), 3 states have call predecessors, (16), 4 states have call successors, (16) [2025-03-08 05:35:10,313 INFO L276 IsEmpty]: Start isEmpty. Operand 457 states and 716 transitions. [2025-03-08 05:35:10,315 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 135 [2025-03-08 05:35:10,315 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:10,315 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:10,315 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-08 05:35:10,316 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:10,316 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:10,317 INFO L85 PathProgramCache]: Analyzing trace with hash -1743545783, now seen corresponding path program 1 times [2025-03-08 05:35:10,317 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:10,317 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [348983024] [2025-03-08 05:35:10,317 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:10,317 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:10,334 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 134 statements into 1 equivalence classes. [2025-03-08 05:35:10,342 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 134 of 134 statements. [2025-03-08 05:35:10,343 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:10,343 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:10,439 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2025-03-08 05:35:10,439 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:10,439 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [348983024] [2025-03-08 05:35:10,439 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [348983024] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-08 05:35:10,439 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [352151673] [2025-03-08 05:35:10,439 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:10,440 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:35:10,440 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-08 05:35:10,442 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-08 05:35:10,443 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-08 05:35:10,576 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 134 statements into 1 equivalence classes. [2025-03-08 05:35:10,664 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 134 of 134 statements. [2025-03-08 05:35:10,665 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:10,665 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:10,669 INFO L256 TraceCheckSpWp]: Trace formula consists of 1130 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-08 05:35:10,672 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-08 05:35:10,689 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2025-03-08 05:35:10,689 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-08 05:35:10,782 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2025-03-08 05:35:10,782 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [352151673] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-08 05:35:10,782 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-08 05:35:10,782 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-08 05:35:10,782 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1435436205] [2025-03-08 05:35:10,782 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-08 05:35:10,782 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-08 05:35:10,782 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:10,783 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-08 05:35:10,783 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-08 05:35:10,783 INFO L87 Difference]: Start difference. First operand 457 states and 716 transitions. Second operand has 7 states, 7 states have (on average 16.571428571428573) internal successors, (116), 7 states have internal predecessors, (116), 2 states have call successors, (29), 2 states have call predecessors, (29), 2 states have return successors, (26), 2 states have call predecessors, (26), 2 states have call successors, (26) [2025-03-08 05:35:10,947 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:10,948 INFO L93 Difference]: Finished difference Result 1078 states and 1749 transitions. [2025-03-08 05:35:10,948 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-08 05:35:10,949 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 16.571428571428573) internal successors, (116), 7 states have internal predecessors, (116), 2 states have call successors, (29), 2 states have call predecessors, (29), 2 states have return successors, (26), 2 states have call predecessors, (26), 2 states have call successors, (26) Word has length 134 [2025-03-08 05:35:10,949 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:10,954 INFO L225 Difference]: With dead ends: 1078 [2025-03-08 05:35:10,954 INFO L226 Difference]: Without dead ends: 888 [2025-03-08 05:35:10,956 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 270 GetRequests, 265 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-08 05:35:10,958 INFO L435 NwaCegarLoop]: 605 mSDtfsCounter, 642 mSDsluCounter, 990 mSDsCounter, 0 mSdLazyCounter, 69 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 696 SdHoareTripleChecker+Valid, 1595 SdHoareTripleChecker+Invalid, 87 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 69 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:10,958 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [696 Valid, 1595 Invalid, 87 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 69 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-08 05:35:10,959 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 888 states. [2025-03-08 05:35:10,989 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 888 to 864. [2025-03-08 05:35:10,991 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 864 states, 682 states have (on average 1.6378299120234605) internal successors, (1117), 689 states have internal predecessors, (1117), 154 states have call successors, (154), 24 states have call predecessors, (154), 27 states have return successors, (175), 152 states have call predecessors, (175), 153 states have call successors, (175) [2025-03-08 05:35:10,997 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 864 states to 864 states and 1446 transitions. [2025-03-08 05:35:10,998 INFO L78 Accepts]: Start accepts. Automaton has 864 states and 1446 transitions. Word has length 134 [2025-03-08 05:35:10,999 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:10,999 INFO L471 AbstractCegarLoop]: Abstraction has 864 states and 1446 transitions. [2025-03-08 05:35:10,999 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 16.571428571428573) internal successors, (116), 7 states have internal predecessors, (116), 2 states have call successors, (29), 2 states have call predecessors, (29), 2 states have return successors, (26), 2 states have call predecessors, (26), 2 states have call successors, (26) [2025-03-08 05:35:10,999 INFO L276 IsEmpty]: Start isEmpty. Operand 864 states and 1446 transitions. [2025-03-08 05:35:11,003 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 142 [2025-03-08 05:35:11,003 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:11,004 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:11,011 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2025-03-08 05:35:11,204 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-08 05:35:11,204 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:11,205 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:11,205 INFO L85 PathProgramCache]: Analyzing trace with hash 1999984859, now seen corresponding path program 1 times [2025-03-08 05:35:11,205 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:11,205 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [691068315] [2025-03-08 05:35:11,205 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:11,205 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:11,225 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 141 statements into 1 equivalence classes. [2025-03-08 05:35:11,233 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 141 of 141 statements. [2025-03-08 05:35:11,233 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:11,233 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:11,268 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2025-03-08 05:35:11,268 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:11,268 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [691068315] [2025-03-08 05:35:11,269 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [691068315] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:11,269 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:11,269 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:35:11,269 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2031287568] [2025-03-08 05:35:11,269 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:11,269 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:11,269 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:11,270 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:11,270 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:11,270 INFO L87 Difference]: Start difference. First operand 864 states and 1446 transitions. Second operand has 3 states, 3 states have (on average 30.0) internal successors, (90), 3 states have internal predecessors, (90), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:11,307 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:11,308 INFO L93 Difference]: Finished difference Result 2072 states and 3517 transitions. [2025-03-08 05:35:11,308 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:11,308 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 30.0) internal successors, (90), 3 states have internal predecessors, (90), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) Word has length 141 [2025-03-08 05:35:11,308 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:11,315 INFO L225 Difference]: With dead ends: 2072 [2025-03-08 05:35:11,315 INFO L226 Difference]: Without dead ends: 1275 [2025-03-08 05:35:11,317 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:11,318 INFO L435 NwaCegarLoop]: 595 mSDtfsCounter, 132 mSDsluCounter, 577 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 1172 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:11,318 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 1172 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:11,319 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1275 states. [2025-03-08 05:35:11,352 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1275 to 1267. [2025-03-08 05:35:11,355 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1267 states, 1006 states have (on average 1.6550695825049702) internal successors, (1665), 1013 states have internal predecessors, (1665), 233 states have call successors, (233), 24 states have call predecessors, (233), 27 states have return successors, (264), 231 states have call predecessors, (264), 232 states have call successors, (264) [2025-03-08 05:35:11,361 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1267 states to 1267 states and 2162 transitions. [2025-03-08 05:35:11,362 INFO L78 Accepts]: Start accepts. Automaton has 1267 states and 2162 transitions. Word has length 141 [2025-03-08 05:35:11,362 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:11,362 INFO L471 AbstractCegarLoop]: Abstraction has 1267 states and 2162 transitions. [2025-03-08 05:35:11,363 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 30.0) internal successors, (90), 3 states have internal predecessors, (90), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:11,363 INFO L276 IsEmpty]: Start isEmpty. Operand 1267 states and 2162 transitions. [2025-03-08 05:35:11,369 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 162 [2025-03-08 05:35:11,369 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:11,369 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:11,369 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2025-03-08 05:35:11,369 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:11,370 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:11,370 INFO L85 PathProgramCache]: Analyzing trace with hash 1897482980, now seen corresponding path program 1 times [2025-03-08 05:35:11,370 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:11,370 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [475668847] [2025-03-08 05:35:11,370 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:11,370 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:11,388 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 161 statements into 1 equivalence classes. [2025-03-08 05:35:11,395 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 161 of 161 statements. [2025-03-08 05:35:11,395 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:11,395 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:11,426 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2025-03-08 05:35:11,427 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:11,427 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [475668847] [2025-03-08 05:35:11,427 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [475668847] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:11,427 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:11,427 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:35:11,427 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [728032157] [2025-03-08 05:35:11,427 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:11,427 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:11,427 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:11,428 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:11,428 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:11,428 INFO L87 Difference]: Start difference. First operand 1267 states and 2162 transitions. Second operand has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:11,476 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:11,477 INFO L93 Difference]: Finished difference Result 3058 states and 5251 transitions. [2025-03-08 05:35:11,477 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:11,477 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 161 [2025-03-08 05:35:11,478 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:11,487 INFO L225 Difference]: With dead ends: 3058 [2025-03-08 05:35:11,487 INFO L226 Difference]: Without dead ends: 1907 [2025-03-08 05:35:11,492 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:11,492 INFO L435 NwaCegarLoop]: 588 mSDtfsCounter, 130 mSDsluCounter, 574 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 148 SdHoareTripleChecker+Valid, 1162 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:11,493 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [148 Valid, 1162 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:11,494 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1907 states. [2025-03-08 05:35:11,584 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1907 to 1899. [2025-03-08 05:35:11,587 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1899 states, 1519 states have (on average 1.6668861092824228) internal successors, (2532), 1526 states have internal predecessors, (2532), 352 states have call successors, (352), 24 states have call predecessors, (352), 27 states have return successors, (383), 350 states have call predecessors, (383), 351 states have call successors, (383) [2025-03-08 05:35:11,596 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1899 states to 1899 states and 3267 transitions. [2025-03-08 05:35:11,598 INFO L78 Accepts]: Start accepts. Automaton has 1899 states and 3267 transitions. Word has length 161 [2025-03-08 05:35:11,598 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:11,598 INFO L471 AbstractCegarLoop]: Abstraction has 1899 states and 3267 transitions. [2025-03-08 05:35:11,598 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:11,598 INFO L276 IsEmpty]: Start isEmpty. Operand 1899 states and 3267 transitions. [2025-03-08 05:35:11,607 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 163 [2025-03-08 05:35:11,607 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:11,608 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:11,608 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-03-08 05:35:11,608 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:11,608 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:11,608 INFO L85 PathProgramCache]: Analyzing trace with hash -1483964963, now seen corresponding path program 1 times [2025-03-08 05:35:11,608 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:11,609 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1995484403] [2025-03-08 05:35:11,609 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:11,609 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:11,625 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 162 statements into 1 equivalence classes. [2025-03-08 05:35:11,631 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 162 of 162 statements. [2025-03-08 05:35:11,631 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:11,631 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:11,661 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2025-03-08 05:35:11,661 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:11,661 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1995484403] [2025-03-08 05:35:11,661 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1995484403] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:11,661 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:11,662 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:35:11,662 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [794899961] [2025-03-08 05:35:11,662 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:11,662 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:11,662 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:11,663 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:11,663 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:11,663 INFO L87 Difference]: Start difference. First operand 1899 states and 3267 transitions. Second operand has 3 states, 3 states have (on average 33.0) internal successors, (99), 3 states have internal predecessors, (99), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:11,733 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:11,733 INFO L93 Difference]: Finished difference Result 4542 states and 7873 transitions. [2025-03-08 05:35:11,733 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:11,733 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 33.0) internal successors, (99), 3 states have internal predecessors, (99), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 162 [2025-03-08 05:35:11,733 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:11,747 INFO L225 Difference]: With dead ends: 4542 [2025-03-08 05:35:11,747 INFO L226 Difference]: Without dead ends: 2877 [2025-03-08 05:35:11,752 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:11,753 INFO L435 NwaCegarLoop]: 579 mSDtfsCounter, 128 mSDsluCounter, 570 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 1149 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:11,753 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 1149 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:11,755 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2877 states. [2025-03-08 05:35:11,836 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2877 to 2869. [2025-03-08 05:35:11,875 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2869 states, 2327 states have (on average 1.6764073914911903) internal successors, (3901), 2334 states have internal predecessors, (3901), 514 states have call successors, (514), 24 states have call predecessors, (514), 27 states have return successors, (561), 512 states have call predecessors, (561), 513 states have call successors, (561) [2025-03-08 05:35:11,902 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2869 states to 2869 states and 4976 transitions. [2025-03-08 05:35:11,903 INFO L78 Accepts]: Start accepts. Automaton has 2869 states and 4976 transitions. Word has length 162 [2025-03-08 05:35:11,903 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:11,904 INFO L471 AbstractCegarLoop]: Abstraction has 2869 states and 4976 transitions. [2025-03-08 05:35:11,904 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 33.0) internal successors, (99), 3 states have internal predecessors, (99), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:11,904 INFO L276 IsEmpty]: Start isEmpty. Operand 2869 states and 4976 transitions. [2025-03-08 05:35:11,917 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 164 [2025-03-08 05:35:11,917 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:11,917 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:11,917 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-08 05:35:11,918 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:11,918 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:11,918 INFO L85 PathProgramCache]: Analyzing trace with hash -1623287291, now seen corresponding path program 1 times [2025-03-08 05:35:11,918 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:11,918 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [713953530] [2025-03-08 05:35:11,918 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:11,919 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:11,937 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 163 statements into 1 equivalence classes. [2025-03-08 05:35:11,944 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 163 of 163 statements. [2025-03-08 05:35:11,945 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:11,945 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:11,980 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2025-03-08 05:35:11,980 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:11,981 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [713953530] [2025-03-08 05:35:11,981 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [713953530] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:11,981 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:11,981 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:35:11,981 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1058765018] [2025-03-08 05:35:11,981 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:11,981 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:11,981 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:11,982 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:11,982 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:11,982 INFO L87 Difference]: Start difference. First operand 2869 states and 4976 transitions. Second operand has 3 states, 3 states have (on average 33.333333333333336) internal successors, (100), 3 states have internal predecessors, (100), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:12,074 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:12,075 INFO L93 Difference]: Finished difference Result 6889 states and 12028 transitions. [2025-03-08 05:35:12,075 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:12,075 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 33.333333333333336) internal successors, (100), 3 states have internal predecessors, (100), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 163 [2025-03-08 05:35:12,076 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:12,097 INFO L225 Difference]: With dead ends: 6889 [2025-03-08 05:35:12,097 INFO L226 Difference]: Without dead ends: 4447 [2025-03-08 05:35:12,106 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:12,107 INFO L435 NwaCegarLoop]: 579 mSDtfsCounter, 126 mSDsluCounter, 570 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1149 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:12,107 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1149 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:12,111 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4447 states. [2025-03-08 05:35:12,280 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4447 to 4439. [2025-03-08 05:35:12,286 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4439 states, 3652 states have (on average 1.6831872946330777) internal successors, (6147), 3659 states have internal predecessors, (6147), 759 states have call successors, (759), 24 states have call predecessors, (759), 27 states have return successors, (832), 757 states have call predecessors, (832), 758 states have call successors, (832) [2025-03-08 05:35:12,307 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4439 states to 4439 states and 7738 transitions. [2025-03-08 05:35:12,311 INFO L78 Accepts]: Start accepts. Automaton has 4439 states and 7738 transitions. Word has length 163 [2025-03-08 05:35:12,311 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:12,311 INFO L471 AbstractCegarLoop]: Abstraction has 4439 states and 7738 transitions. [2025-03-08 05:35:12,311 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 33.333333333333336) internal successors, (100), 3 states have internal predecessors, (100), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:12,312 INFO L276 IsEmpty]: Start isEmpty. Operand 4439 states and 7738 transitions. [2025-03-08 05:35:12,335 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 146 [2025-03-08 05:35:12,335 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:12,335 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:12,335 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-08 05:35:12,335 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:12,336 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:12,336 INFO L85 PathProgramCache]: Analyzing trace with hash -827784323, now seen corresponding path program 1 times [2025-03-08 05:35:12,336 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:12,336 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1094049640] [2025-03-08 05:35:12,336 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:12,336 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:12,354 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 145 statements into 1 equivalence classes. [2025-03-08 05:35:12,361 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 145 of 145 statements. [2025-03-08 05:35:12,362 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:12,362 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:12,399 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2025-03-08 05:35:12,399 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:12,399 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1094049640] [2025-03-08 05:35:12,399 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1094049640] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:12,399 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:12,399 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:35:12,399 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1237443820] [2025-03-08 05:35:12,399 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:12,400 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:12,400 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:12,400 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:12,401 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:12,401 INFO L87 Difference]: Start difference. First operand 4439 states and 7738 transitions. Second operand has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:12,623 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:12,623 INFO L93 Difference]: Finished difference Result 10802 states and 18955 transitions. [2025-03-08 05:35:12,624 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:12,624 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) Word has length 145 [2025-03-08 05:35:12,624 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:12,668 INFO L225 Difference]: With dead ends: 10802 [2025-03-08 05:35:12,669 INFO L226 Difference]: Without dead ends: 7086 [2025-03-08 05:35:12,685 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:12,686 INFO L435 NwaCegarLoop]: 596 mSDtfsCounter, 124 mSDsluCounter, 570 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1166 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:12,686 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1166 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:12,692 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 7086 states. [2025-03-08 05:35:13,000 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 7086 to 7078. [2025-03-08 05:35:13,012 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7078 states, 5798 states have (on average 1.6829941359089342) internal successors, (9758), 5805 states have internal predecessors, (9758), 1252 states have call successors, (1252), 24 states have call predecessors, (1252), 27 states have return successors, (1369), 1250 states have call predecessors, (1369), 1251 states have call successors, (1369) [2025-03-08 05:35:13,041 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7078 states to 7078 states and 12379 transitions. [2025-03-08 05:35:13,046 INFO L78 Accepts]: Start accepts. Automaton has 7078 states and 12379 transitions. Word has length 145 [2025-03-08 05:35:13,046 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:13,046 INFO L471 AbstractCegarLoop]: Abstraction has 7078 states and 12379 transitions. [2025-03-08 05:35:13,046 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:13,046 INFO L276 IsEmpty]: Start isEmpty. Operand 7078 states and 12379 transitions. [2025-03-08 05:35:13,073 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 166 [2025-03-08 05:35:13,073 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:13,073 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:13,074 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-08 05:35:13,074 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:13,074 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:13,074 INFO L85 PathProgramCache]: Analyzing trace with hash 764778278, now seen corresponding path program 1 times [2025-03-08 05:35:13,074 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:13,074 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [877850466] [2025-03-08 05:35:13,074 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:13,075 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:13,090 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 165 statements into 1 equivalence classes. [2025-03-08 05:35:13,096 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 165 of 165 statements. [2025-03-08 05:35:13,096 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:13,096 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:13,160 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2025-03-08 05:35:13,160 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:13,161 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [877850466] [2025-03-08 05:35:13,161 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [877850466] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:13,161 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:13,161 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:35:13,161 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1581508594] [2025-03-08 05:35:13,161 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:13,161 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:13,161 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:13,161 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:13,162 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:13,162 INFO L87 Difference]: Start difference. First operand 7078 states and 12379 transitions. Second operand has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:13,366 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:13,366 INFO L93 Difference]: Finished difference Result 17899 states and 31490 transitions. [2025-03-08 05:35:13,367 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:13,371 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 165 [2025-03-08 05:35:13,371 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:13,433 INFO L225 Difference]: With dead ends: 17899 [2025-03-08 05:35:13,433 INFO L226 Difference]: Without dead ends: 11899 [2025-03-08 05:35:13,464 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:13,465 INFO L435 NwaCegarLoop]: 581 mSDtfsCounter, 122 mSDsluCounter, 573 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1154 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:13,465 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1154 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:13,477 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11899 states. [2025-03-08 05:35:13,832 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11899 to 11891. [2025-03-08 05:35:13,851 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11891 states, 9789 states have (on average 1.6837266319338033) internal successors, (16482), 9796 states have internal predecessors, (16482), 2074 states have call successors, (2074), 24 states have call predecessors, (2074), 27 states have return successors, (2269), 2072 states have call predecessors, (2269), 2073 states have call successors, (2269) [2025-03-08 05:35:13,891 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11891 states to 11891 states and 20825 transitions. [2025-03-08 05:35:13,899 INFO L78 Accepts]: Start accepts. Automaton has 11891 states and 20825 transitions. Word has length 165 [2025-03-08 05:35:13,900 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:13,900 INFO L471 AbstractCegarLoop]: Abstraction has 11891 states and 20825 transitions. [2025-03-08 05:35:13,900 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:13,900 INFO L276 IsEmpty]: Start isEmpty. Operand 11891 states and 20825 transitions. [2025-03-08 05:35:13,937 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 148 [2025-03-08 05:35:13,938 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:13,938 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:13,938 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-08 05:35:13,938 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:13,938 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:13,939 INFO L85 PathProgramCache]: Analyzing trace with hash -826811362, now seen corresponding path program 1 times [2025-03-08 05:35:13,939 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:13,939 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1672268268] [2025-03-08 05:35:13,939 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:13,939 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:13,987 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 147 statements into 1 equivalence classes. [2025-03-08 05:35:13,992 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 147 of 147 statements. [2025-03-08 05:35:13,993 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:13,993 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:14,020 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2025-03-08 05:35:14,021 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:14,021 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1672268268] [2025-03-08 05:35:14,021 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1672268268] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:14,021 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:14,021 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:35:14,021 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [627807131] [2025-03-08 05:35:14,021 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:14,022 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:14,022 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:14,022 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:14,022 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:14,022 INFO L87 Difference]: Start difference. First operand 11891 states and 20825 transitions. Second operand has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:14,429 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:14,430 INFO L93 Difference]: Finished difference Result 28417 states and 49734 transitions. [2025-03-08 05:35:14,430 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:14,431 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) Word has length 147 [2025-03-08 05:35:14,431 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:14,511 INFO L225 Difference]: With dead ends: 28417 [2025-03-08 05:35:14,512 INFO L226 Difference]: Without dead ends: 18549 [2025-03-08 05:35:14,551 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:14,552 INFO L435 NwaCegarLoop]: 586 mSDtfsCounter, 120 mSDsluCounter, 546 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1132 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:14,553 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1132 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:14,569 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 18549 states. [2025-03-08 05:35:15,460 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 18549 to 18541. [2025-03-08 05:35:15,494 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 18541 states, 15236 states have (on average 1.6619191388815961) internal successors, (25321), 15243 states have internal predecessors, (25321), 3277 states have call successors, (3277), 24 states have call predecessors, (3277), 27 states have return successors, (3616), 3275 states have call predecessors, (3616), 3276 states have call successors, (3616) [2025-03-08 05:35:15,572 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18541 states to 18541 states and 32214 transitions. [2025-03-08 05:35:15,580 INFO L78 Accepts]: Start accepts. Automaton has 18541 states and 32214 transitions. Word has length 147 [2025-03-08 05:35:15,580 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:15,581 INFO L471 AbstractCegarLoop]: Abstraction has 18541 states and 32214 transitions. [2025-03-08 05:35:15,581 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:15,581 INFO L276 IsEmpty]: Start isEmpty. Operand 18541 states and 32214 transitions. [2025-03-08 05:35:15,631 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 168 [2025-03-08 05:35:15,632 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:15,632 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:15,632 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-08 05:35:15,632 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:15,634 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:15,634 INFO L85 PathProgramCache]: Analyzing trace with hash -1942296633, now seen corresponding path program 1 times [2025-03-08 05:35:15,634 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:15,634 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [213919014] [2025-03-08 05:35:15,634 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:15,634 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:15,655 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 167 statements into 1 equivalence classes. [2025-03-08 05:35:15,666 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 167 of 167 statements. [2025-03-08 05:35:15,666 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:15,666 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:15,696 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2025-03-08 05:35:15,696 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:15,696 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [213919014] [2025-03-08 05:35:15,696 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [213919014] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:15,696 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:15,696 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:35:15,696 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [218538642] [2025-03-08 05:35:15,697 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:15,697 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:15,697 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:15,697 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:15,697 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:15,698 INFO L87 Difference]: Start difference. First operand 18541 states and 32214 transitions. Second operand has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:16,338 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:16,339 INFO L93 Difference]: Finished difference Result 49014 states and 85479 transitions. [2025-03-08 05:35:16,339 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:16,339 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 167 [2025-03-08 05:35:16,339 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:16,516 INFO L225 Difference]: With dead ends: 49014 [2025-03-08 05:35:16,516 INFO L226 Difference]: Without dead ends: 33101 [2025-03-08 05:35:16,585 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:16,585 INFO L435 NwaCegarLoop]: 579 mSDtfsCounter, 118 mSDsluCounter, 573 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1152 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:16,586 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1152 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:16,618 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 33101 states. [2025-03-08 05:35:17,942 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 33101 to 33093. [2025-03-08 05:35:17,997 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 33093 states, 27338 states have (on average 1.6590460165337626) internal successors, (45355), 27345 states have internal predecessors, (45355), 5727 states have call successors, (5727), 24 states have call predecessors, (5727), 27 states have return successors, (6340), 5725 states have call predecessors, (6340), 5726 states have call successors, (6340) [2025-03-08 05:35:18,138 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 33093 states to 33093 states and 57422 transitions. [2025-03-08 05:35:18,154 INFO L78 Accepts]: Start accepts. Automaton has 33093 states and 57422 transitions. Word has length 167 [2025-03-08 05:35:18,155 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:18,155 INFO L471 AbstractCegarLoop]: Abstraction has 33093 states and 57422 transitions. [2025-03-08 05:35:18,155 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:18,156 INFO L276 IsEmpty]: Start isEmpty. Operand 33093 states and 57422 transitions. [2025-03-08 05:35:18,220 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 150 [2025-03-08 05:35:18,220 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:18,220 INFO L218 NwaCegarLoop]: trace histogram [4, 4, 4, 4, 4, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:18,221 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-08 05:35:18,221 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:18,221 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:18,221 INFO L85 PathProgramCache]: Analyzing trace with hash 224366262, now seen corresponding path program 2 times [2025-03-08 05:35:18,221 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:18,221 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1300894351] [2025-03-08 05:35:18,221 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-08 05:35:18,222 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:18,243 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 149 statements into 2 equivalence classes. [2025-03-08 05:35:18,259 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 149 of 149 statements. [2025-03-08 05:35:18,260 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-08 05:35:18,260 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:18,357 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 25 proven. 0 refuted. 0 times theorem prover too weak. 43 trivial. 0 not checked. [2025-03-08 05:35:18,357 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:18,357 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1300894351] [2025-03-08 05:35:18,357 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1300894351] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:18,357 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:18,357 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-08 05:35:18,357 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1274053162] [2025-03-08 05:35:18,357 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:18,358 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-08 05:35:18,358 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:18,358 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-08 05:35:18,358 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:35:18,359 INFO L87 Difference]: Start difference. First operand 33093 states and 57422 transitions. Second operand has 5 states, 5 states have (on average 18.4) internal successors, (92), 5 states have internal predecessors, (92), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:19,284 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:19,284 INFO L93 Difference]: Finished difference Result 62479 states and 108562 transitions. [2025-03-08 05:35:19,285 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-08 05:35:19,285 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 18.4) internal successors, (92), 5 states have internal predecessors, (92), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) Word has length 149 [2025-03-08 05:35:19,285 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:19,459 INFO L225 Difference]: With dead ends: 62479 [2025-03-08 05:35:19,460 INFO L226 Difference]: Without dead ends: 33101 [2025-03-08 05:35:19,555 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-08 05:35:19,556 INFO L435 NwaCegarLoop]: 730 mSDtfsCounter, 131 mSDsluCounter, 2048 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 149 SdHoareTripleChecker+Valid, 2778 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:19,556 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [149 Valid, 2778 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:19,585 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 33101 states. [2025-03-08 05:35:20,727 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 33101 to 33093. [2025-03-08 05:35:20,771 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 33093 states, 27338 states have (on average 1.6493159704440705) internal successors, (45089), 27345 states have internal predecessors, (45089), 5727 states have call successors, (5727), 24 states have call predecessors, (5727), 27 states have return successors, (6340), 5725 states have call predecessors, (6340), 5726 states have call successors, (6340) [2025-03-08 05:35:20,866 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 33093 states to 33093 states and 57156 transitions. [2025-03-08 05:35:20,885 INFO L78 Accepts]: Start accepts. Automaton has 33093 states and 57156 transitions. Word has length 149 [2025-03-08 05:35:20,885 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:20,885 INFO L471 AbstractCegarLoop]: Abstraction has 33093 states and 57156 transitions. [2025-03-08 05:35:20,885 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 18.4) internal successors, (92), 5 states have internal predecessors, (92), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:20,886 INFO L276 IsEmpty]: Start isEmpty. Operand 33093 states and 57156 transitions. [2025-03-08 05:35:20,939 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 150 [2025-03-08 05:35:20,939 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:20,939 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:20,940 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-08 05:35:20,940 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:20,940 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:20,940 INFO L85 PathProgramCache]: Analyzing trace with hash -2092199521, now seen corresponding path program 1 times [2025-03-08 05:35:20,940 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:20,940 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1506609069] [2025-03-08 05:35:20,940 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:20,941 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:20,958 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 149 statements into 1 equivalence classes. [2025-03-08 05:35:20,964 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 149 of 149 statements. [2025-03-08 05:35:20,964 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:20,964 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:20,994 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2025-03-08 05:35:20,994 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:20,994 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1506609069] [2025-03-08 05:35:20,995 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1506609069] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:20,995 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:20,995 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:35:20,995 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [15236569] [2025-03-08 05:35:20,995 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:20,996 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:20,996 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:20,996 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:20,996 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:20,996 INFO L87 Difference]: Start difference. First operand 33093 states and 57156 transitions. Second operand has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:22,171 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:22,171 INFO L93 Difference]: Finished difference Result 90271 states and 156346 transitions. [2025-03-08 05:35:22,172 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:22,172 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) Word has length 149 [2025-03-08 05:35:22,172 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:22,538 INFO L225 Difference]: With dead ends: 90271 [2025-03-08 05:35:22,539 INFO L226 Difference]: Without dead ends: 60676 [2025-03-08 05:35:22,651 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:22,651 INFO L435 NwaCegarLoop]: 586 mSDtfsCounter, 116 mSDsluCounter, 574 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1160 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:22,652 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1160 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:22,706 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60676 states. [2025-03-08 05:35:24,641 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60676 to 60668. [2025-03-08 05:35:24,711 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60668 states, 50400 states have (on average 1.6446626984126984) internal successors, (82891), 50407 states have internal predecessors, (82891), 10240 states have call successors, (10240), 24 states have call predecessors, (10240), 27 states have return successors, (11385), 10238 states have call predecessors, (11385), 10239 states have call successors, (11385) [2025-03-08 05:35:25,102 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60668 states to 60668 states and 104516 transitions. [2025-03-08 05:35:25,131 INFO L78 Accepts]: Start accepts. Automaton has 60668 states and 104516 transitions. Word has length 149 [2025-03-08 05:35:25,131 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:25,131 INFO L471 AbstractCegarLoop]: Abstraction has 60668 states and 104516 transitions. [2025-03-08 05:35:25,131 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (19), 2 states have call predecessors, (19), 1 states have return successors, (16), 2 states have call predecessors, (16), 2 states have call successors, (16) [2025-03-08 05:35:25,131 INFO L276 IsEmpty]: Start isEmpty. Operand 60668 states and 104516 transitions. [2025-03-08 05:35:25,381 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 170 [2025-03-08 05:35:25,381 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:25,382 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:25,382 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-08 05:35:25,382 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:25,382 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:25,382 INFO L85 PathProgramCache]: Analyzing trace with hash 577976584, now seen corresponding path program 1 times [2025-03-08 05:35:25,382 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:25,382 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1196282440] [2025-03-08 05:35:25,383 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:25,383 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:25,397 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 169 statements into 1 equivalence classes. [2025-03-08 05:35:25,402 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 169 of 169 statements. [2025-03-08 05:35:25,402 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:25,402 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:25,428 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2025-03-08 05:35:25,428 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:25,428 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1196282440] [2025-03-08 05:35:25,429 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1196282440] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:25,429 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:25,429 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-08 05:35:25,430 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2014208587] [2025-03-08 05:35:25,430 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:25,430 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-08 05:35:25,430 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:25,431 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-08 05:35:25,431 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:25,431 INFO L87 Difference]: Start difference. First operand 60668 states and 104516 transitions. Second operand has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:27,363 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:27,364 INFO L93 Difference]: Finished difference Result 113618 states and 196126 transitions. [2025-03-08 05:35:27,364 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-08 05:35:27,364 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 169 [2025-03-08 05:35:27,364 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:28,058 INFO L225 Difference]: With dead ends: 113618 [2025-03-08 05:35:28,059 INFO L226 Difference]: Without dead ends: 113428 [2025-03-08 05:35:28,118 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-08 05:35:28,119 INFO L435 NwaCegarLoop]: 588 mSDtfsCounter, 111 mSDsluCounter, 578 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1166 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:28,119 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1166 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-08 05:35:28,212 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 113428 states. [2025-03-08 05:35:31,369 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 113428 to 113420. [2025-03-08 05:35:31,489 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 113420 states, 94784 states have (on average 1.6389686022957461) internal successors, (155348), 94791 states have internal predecessors, (155348), 18608 states have call successors, (18608), 24 states have call predecessors, (18608), 27 states have return successors, (20799), 18606 states have call predecessors, (20799), 18607 states have call successors, (20799) [2025-03-08 05:35:32,132 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 113420 states to 113420 states and 194755 transitions. [2025-03-08 05:35:32,165 INFO L78 Accepts]: Start accepts. Automaton has 113420 states and 194755 transitions. Word has length 169 [2025-03-08 05:35:32,165 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:32,165 INFO L471 AbstractCegarLoop]: Abstraction has 113420 states and 194755 transitions. [2025-03-08 05:35:32,166 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:32,166 INFO L276 IsEmpty]: Start isEmpty. Operand 113420 states and 194755 transitions. [2025-03-08 05:35:32,268 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 171 [2025-03-08 05:35:32,268 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:32,269 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:32,269 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-08 05:35:32,269 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:32,272 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:32,272 INFO L85 PathProgramCache]: Analyzing trace with hash -723439431, now seen corresponding path program 1 times [2025-03-08 05:35:32,272 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:32,272 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [610985637] [2025-03-08 05:35:32,272 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:32,272 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:32,290 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 170 statements into 1 equivalence classes. [2025-03-08 05:35:32,298 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 170 of 170 statements. [2025-03-08 05:35:32,298 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:32,298 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:32,390 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2025-03-08 05:35:32,391 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:32,391 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [610985637] [2025-03-08 05:35:32,391 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [610985637] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:32,391 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:32,392 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2025-03-08 05:35:32,392 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [552957957] [2025-03-08 05:35:32,392 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:32,392 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2025-03-08 05:35:32,392 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:32,393 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2025-03-08 05:35:32,393 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-08 05:35:32,393 INFO L87 Difference]: Start difference. First operand 113420 states and 194755 transitions. Second operand has 6 states, 6 states have (on average 17.833333333333332) internal successors, (107), 5 states have internal predecessors, (107), 2 states have call successors, (22), 3 states have call predecessors, (22), 2 states have return successors, (19), 3 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:36,811 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-08 05:35:36,811 INFO L93 Difference]: Finished difference Result 218287 states and 376282 transitions. [2025-03-08 05:35:36,812 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2025-03-08 05:35:36,812 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 17.833333333333332) internal successors, (107), 5 states have internal predecessors, (107), 2 states have call successors, (22), 3 states have call predecessors, (22), 2 states have return successors, (19), 3 states have call predecessors, (19), 2 states have call successors, (19) Word has length 170 [2025-03-08 05:35:36,812 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-08 05:35:37,784 INFO L225 Difference]: With dead ends: 218287 [2025-03-08 05:35:37,784 INFO L226 Difference]: Without dead ends: 218105 [2025-03-08 05:35:37,895 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-03-08 05:35:37,895 INFO L435 NwaCegarLoop]: 637 mSDtfsCounter, 531 mSDsluCounter, 2327 mSDsCounter, 0 mSdLazyCounter, 143 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 532 SdHoareTripleChecker+Valid, 2964 SdHoareTripleChecker+Invalid, 144 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 143 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2025-03-08 05:35:37,895 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [532 Valid, 2964 Invalid, 144 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 143 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2025-03-08 05:35:38,051 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 218105 states. [2025-03-08 05:35:43,962 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 218105 to 218097. [2025-03-08 05:35:44,162 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 218097 states, 182328 states have (on average 1.6418048791189506) internal successors, (299347), 182283 states have internal predecessors, (299347), 35718 states have call successors, (35718), 46 states have call predecessors, (35718), 50 states have return successors, (39001), 35771 states have call predecessors, (39001), 35716 states have call successors, (39001) [2025-03-08 05:35:45,273 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 218097 states to 218097 states and 374066 transitions. [2025-03-08 05:35:45,345 INFO L78 Accepts]: Start accepts. Automaton has 218097 states and 374066 transitions. Word has length 170 [2025-03-08 05:35:45,345 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-08 05:35:45,345 INFO L471 AbstractCegarLoop]: Abstraction has 218097 states and 374066 transitions. [2025-03-08 05:35:45,345 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 17.833333333333332) internal successors, (107), 5 states have internal predecessors, (107), 2 states have call successors, (22), 3 states have call predecessors, (22), 2 states have return successors, (19), 3 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-08 05:35:45,345 INFO L276 IsEmpty]: Start isEmpty. Operand 218097 states and 374066 transitions. [2025-03-08 05:35:45,491 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 172 [2025-03-08 05:35:45,491 INFO L210 NwaCegarLoop]: Found error trace [2025-03-08 05:35:45,491 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-08 05:35:45,491 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-08 05:35:45,491 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-08 05:35:45,492 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-08 05:35:45,492 INFO L85 PathProgramCache]: Analyzing trace with hash -792615673, now seen corresponding path program 1 times [2025-03-08 05:35:45,492 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-08 05:35:45,492 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1213926915] [2025-03-08 05:35:45,492 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-08 05:35:45,492 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-08 05:35:45,510 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 171 statements into 1 equivalence classes. [2025-03-08 05:35:45,517 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 171 of 171 statements. [2025-03-08 05:35:45,517 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-08 05:35:45,518 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-08 05:35:45,734 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2025-03-08 05:35:45,735 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-08 05:35:45,735 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1213926915] [2025-03-08 05:35:45,735 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1213926915] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-08 05:35:45,735 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-08 05:35:45,735 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2025-03-08 05:35:45,735 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2116554029] [2025-03-08 05:35:45,735 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-08 05:35:45,736 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2025-03-08 05:35:45,736 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-08 05:35:45,737 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2025-03-08 05:35:45,737 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2025-03-08 05:35:45,738 INFO L87 Difference]: Start difference. First operand 218097 states and 374066 transitions. Second operand has 9 states, 8 states have (on average 13.5) internal successors, (108), 7 states have internal predecessors, (108), 4 states have call successors, (22), 4 states have call predecessors, (22), 2 states have return successors, (19), 3 states have call predecessors, (19), 4 states have call successors, (19)