./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec0_product34.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec0_product34.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 6360accf87941df9e6bbc5dca5477ecef598d17cc597fc561012b4ee441ae425 --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:20:02,494 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:20:02,552 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:20:02,558 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:20:02,559 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:20:02,581 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:20:02,582 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:20:02,582 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:20:02,583 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:20:02,583 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:20:02,583 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:20:02,584 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:20:02,584 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:20:02,584 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:20:02,584 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:20:02,585 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:20:02,585 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 6360accf87941df9e6bbc5dca5477ecef598d17cc597fc561012b4ee441ae425 [2025-03-03 14:20:02,797 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:20:02,802 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:20:02,803 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:20:02,804 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:20:02,804 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:20:02,805 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec0_product34.cil.c [2025-03-03 14:20:03,921 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/da04de769/1a9bf810e6dd45cab53c1d7afd813544/FLAG2ae3850f0 [2025-03-03 14:20:04,236 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:20:04,236 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec0_product34.cil.c [2025-03-03 14:20:04,250 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/da04de769/1a9bf810e6dd45cab53c1d7afd813544/FLAG2ae3850f0 [2025-03-03 14:20:04,486 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/da04de769/1a9bf810e6dd45cab53c1d7afd813544 [2025-03-03 14:20:04,488 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:20:04,489 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:20:04,489 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:20:04,490 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:20:04,492 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:20:04,493 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:20:04" (1/1) ... [2025-03-03 14:20:04,495 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@665819ac and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:04, skipping insertion in model container [2025-03-03 14:20:04,496 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:20:04" (1/1) ... [2025-03-03 14:20:04,541 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:20:04,763 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec0_product34.cil.c[12611,12624] [2025-03-03 14:20:05,027 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:20:05,045 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:20:05,052 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [48] [2025-03-03 14:20:05,054 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [380] [2025-03-03 14:20:05,054 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [599] [2025-03-03 14:20:05,054 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [608] [2025-03-03 14:20:05,054 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [643] [2025-03-03 14:20:05,055 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [1712] [2025-03-03 14:20:05,055 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [2078] [2025-03-03 14:20:05,055 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [2226] [2025-03-03 14:20:05,055 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"DecryptForward_spec.i","") [2628] [2025-03-03 14:20:05,056 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [2647] [2025-03-03 14:20:05,056 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [2664] [2025-03-03 14:20:05,072 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec0_product34.cil.c[12611,12624] [2025-03-03 14:20:05,134 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:20:05,163 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:20:05,163 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05 WrapperNode [2025-03-03 14:20:05,163 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:20:05,164 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:20:05,164 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:20:05,164 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:20:05,168 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,185 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,227 INFO L138 Inliner]: procedures = 134, calls = 218, calls flagged for inlining = 62, calls inlined = 59, statements flattened = 1091 [2025-03-03 14:20:05,227 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:20:05,228 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:20:05,228 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:20:05,228 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:20:05,235 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,235 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,243 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,268 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:20:05,268 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,268 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,293 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,299 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,306 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,311 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,322 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:20:05,322 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:20:05,323 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:20:05,323 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:20:05,324 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (1/1) ... [2025-03-03 14:20:05,332 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:20:05,344 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:20:05,356 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:20:05,361 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:20:05,374 INFO L130 BoogieDeclarations]: Found specification of procedure getClientPrivateKey [2025-03-03 14:20:05,374 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientPrivateKey [2025-03-03 14:20:05,374 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:20:05,374 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:20:05,374 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:20:05,374 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:20:05,374 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:20:05,374 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:20:05,374 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:20:05,374 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:20:05,374 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailSignKey [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailSignKey [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure isSigned [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure isSigned [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure isKeyPairValid [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure isKeyPairValid [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:20:05,375 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:20:05,375 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:20:05,376 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure findPublicKey [2025-03-03 14:20:05,376 INFO L138 BoogieDeclarations]: Found implementation of procedure findPublicKey [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:20:05,376 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:20:05,376 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:20:05,376 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:20:05,376 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:20:05,376 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:20:05,376 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:20:05,376 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:20:05,376 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:20:05,539 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:20:05,541 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:20:05,655 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2535: #res := ~retValue_acc~35; [2025-03-03 14:20:05,667 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2957: #res := ~retValue_acc~43; [2025-03-03 14:20:05,718 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1301-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~13#1; [2025-03-03 14:20:05,718 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1346: #res#1 := ~retValue_acc~14#1; [2025-03-03 14:20:05,898 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1689-1: getClientId_#res#1 := getClientId_~retValue_acc~19#1; [2025-03-03 14:20:05,899 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1642-1: getClientForwardReceiver_#res#1 := getClientForwardReceiver_~retValue_acc~18#1; [2025-03-03 14:20:05,899 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2609-1: isVerified_#res#1 := isVerified_~retValue_acc~37#1; [2025-03-03 14:20:05,899 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2272-1: getEmailId_#res#1 := getEmailId_~retValue_acc~28#1; [2025-03-03 14:20:05,922 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1570: #res := ~retValue_acc~17; [2025-03-03 14:20:05,930 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1254: #res := ~retValue_acc~12; [2025-03-03 14:20:05,938 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2223-1: createEmail_#res#1 := createEmail_~retValue_acc~26#1; [2025-03-03 14:20:05,950 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L798: #res := ~retValue_acc~6; [2025-03-03 14:20:05,964 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2461: #res := ~retValue_acc~33; [2025-03-03 14:20:06,000 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2498: #res := ~retValue_acc~34; [2025-03-03 14:20:06,008 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2572: #res := ~retValue_acc~36; [2025-03-03 14:20:06,047 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2346: #res := ~retValue_acc~30; [2025-03-03 14:20:06,101 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1124: #res := ~retValue_acc~10; [2025-03-03 14:20:06,337 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1409-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~15#1; [2025-03-03 14:20:06,337 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2914-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~40#1; [2025-03-03 14:20:06,337 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2932-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~42#1; [2025-03-03 14:20:06,337 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L640-1: valid_product_#res#1 := valid_product_~retValue_acc~2#1; [2025-03-03 14:20:06,337 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1516-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~16#1; [2025-03-03 14:20:06,337 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2923-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~41#1; [2025-03-03 14:20:06,342 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2309: #res := ~retValue_acc~29; [2025-03-03 14:20:06,349 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2199: #res#1 := ~retValue_acc~24#1; [2025-03-03 14:20:06,349 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2179-1: isReadable__wrappee__Keys_#res#1 := isReadable__wrappee__Keys_~retValue_acc~23#1; [2025-03-03 14:20:06,475 INFO L? ?]: Removed 580 outVars from TransFormulas that were not future-live. [2025-03-03 14:20:06,475 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:20:06,495 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:20:06,495 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:20:06,495 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:20:06 BoogieIcfgContainer [2025-03-03 14:20:06,496 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:20:06,497 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:20:06,497 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:20:06,500 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:20:06,500 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:20:04" (1/3) ... [2025-03-03 14:20:06,501 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@d038979 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:20:06, skipping insertion in model container [2025-03-03 14:20:06,501 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:20:05" (2/3) ... [2025-03-03 14:20:06,501 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@d038979 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:20:06, skipping insertion in model container [2025-03-03 14:20:06,501 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:20:06" (3/3) ... [2025-03-03 14:20:06,502 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec0_product34.cil.c [2025-03-03 14:20:06,511 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:20:06,514 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec0_product34.cil.c that has 29 procedures, 443 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:20:06,600 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:20:06,609 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@41a71d68, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:20:06,609 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:20:06,615 INFO L276 IsEmpty]: Start isEmpty. Operand has 443 states, 343 states have (on average 1.5364431486880465) internal successors, (527), 348 states have internal predecessors, (527), 70 states have call successors, (70), 28 states have call predecessors, (70), 28 states have return successors, (70), 69 states have call predecessors, (70), 70 states have call successors, (70) [2025-03-03 14:20:06,634 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 155 [2025-03-03 14:20:06,634 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:06,635 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:06,636 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:06,639 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:06,639 INFO L85 PathProgramCache]: Analyzing trace with hash 1223605187, now seen corresponding path program 1 times [2025-03-03 14:20:06,644 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:06,644 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1784811692] [2025-03-03 14:20:06,645 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:06,645 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:06,741 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 154 statements into 1 equivalence classes. [2025-03-03 14:20:06,790 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 154 of 154 statements. [2025-03-03 14:20:06,790 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:06,790 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:07,256 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 44 trivial. 0 not checked. [2025-03-03 14:20:07,256 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:07,257 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1784811692] [2025-03-03 14:20:07,257 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1784811692] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:20:07,258 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1096080052] [2025-03-03 14:20:07,258 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:07,258 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:07,258 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:20:07,261 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:20:07,263 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:20:07,438 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 154 statements into 1 equivalence classes. [2025-03-03 14:20:07,588 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 154 of 154 statements. [2025-03-03 14:20:07,589 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:07,589 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:07,596 INFO L256 TraceCheckSpWp]: Trace formula consists of 1278 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:20:07,603 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:20:07,627 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:20:07,628 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:20:07,628 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1096080052] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:07,628 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:20:07,629 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:20:07,630 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1281722401] [2025-03-03 14:20:07,631 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:07,634 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:20:07,634 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:07,647 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:20:07,648 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:20:07,650 INFO L87 Difference]: Start difference. First operand has 443 states, 343 states have (on average 1.5364431486880465) internal successors, (527), 348 states have internal predecessors, (527), 70 states have call successors, (70), 28 states have call predecessors, (70), 28 states have return successors, (70), 69 states have call predecessors, (70), 70 states have call successors, (70) Second operand has 2 states, 2 states have (on average 40.0) internal successors, (80), 2 states have internal predecessors, (80), 2 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:07,704 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:07,705 INFO L93 Difference]: Finished difference Result 694 states and 1026 transitions. [2025-03-03 14:20:07,706 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:20:07,707 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 40.0) internal successors, (80), 2 states have internal predecessors, (80), 2 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 154 [2025-03-03 14:20:07,707 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:07,716 INFO L225 Difference]: With dead ends: 694 [2025-03-03 14:20:07,716 INFO L226 Difference]: Without dead ends: 436 [2025-03-03 14:20:07,720 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 158 GetRequests, 155 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:20:07,722 INFO L435 NwaCegarLoop]: 664 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 664 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:07,722 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 664 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:07,734 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 436 states. [2025-03-03 14:20:07,761 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 436 to 436. [2025-03-03 14:20:07,763 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 436 states, 337 states have (on average 1.5341246290801187) internal successors, (517), 341 states have internal predecessors, (517), 70 states have call successors, (70), 28 states have call predecessors, (70), 28 states have return successors, (69), 68 states have call predecessors, (69), 69 states have call successors, (69) [2025-03-03 14:20:07,772 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 436 states to 436 states and 656 transitions. [2025-03-03 14:20:07,774 INFO L78 Accepts]: Start accepts. Automaton has 436 states and 656 transitions. Word has length 154 [2025-03-03 14:20:07,776 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:07,776 INFO L471 AbstractCegarLoop]: Abstraction has 436 states and 656 transitions. [2025-03-03 14:20:07,776 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 40.0) internal successors, (80), 2 states have internal predecessors, (80), 2 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:07,776 INFO L276 IsEmpty]: Start isEmpty. Operand 436 states and 656 transitions. [2025-03-03 14:20:07,784 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 156 [2025-03-03 14:20:07,785 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:07,786 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:07,794 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-03-03 14:20:07,990 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:20:07,990 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:07,991 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:07,991 INFO L85 PathProgramCache]: Analyzing trace with hash 1227787462, now seen corresponding path program 1 times [2025-03-03 14:20:07,991 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:07,991 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1175990758] [2025-03-03 14:20:07,991 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:07,991 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:08,017 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 155 statements into 1 equivalence classes. [2025-03-03 14:20:08,036 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 155 of 155 statements. [2025-03-03 14:20:08,036 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:08,036 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:08,252 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 44 trivial. 0 not checked. [2025-03-03 14:20:08,253 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:08,253 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1175990758] [2025-03-03 14:20:08,253 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1175990758] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:20:08,253 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1214365658] [2025-03-03 14:20:08,253 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:08,253 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:08,254 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:20:08,256 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:20:08,258 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:20:08,413 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 155 statements into 1 equivalence classes. [2025-03-03 14:20:08,561 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 155 of 155 statements. [2025-03-03 14:20:08,561 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:08,561 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:08,565 INFO L256 TraceCheckSpWp]: Trace formula consists of 1279 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:20:08,569 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:20:08,600 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:20:08,600 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:20:08,600 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1214365658] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:08,600 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:20:08,600 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:20:08,600 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [402587065] [2025-03-03 14:20:08,600 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:08,602 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:08,602 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:08,602 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:08,603 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:20:08,603 INFO L87 Difference]: Start difference. First operand 436 states and 656 transitions. Second operand has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:08,644 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:08,644 INFO L93 Difference]: Finished difference Result 683 states and 1004 transitions. [2025-03-03 14:20:08,644 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:08,644 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 155 [2025-03-03 14:20:08,645 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:08,652 INFO L225 Difference]: With dead ends: 683 [2025-03-03 14:20:08,652 INFO L226 Difference]: Without dead ends: 438 [2025-03-03 14:20:08,653 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 159 GetRequests, 155 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:20:08,654 INFO L435 NwaCegarLoop]: 655 mSDtfsCounter, 0 mSDsluCounter, 653 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1308 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:08,654 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1308 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:08,655 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 438 states. [2025-03-03 14:20:08,674 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 438 to 438. [2025-03-03 14:20:08,675 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 438 states, 339 states have (on average 1.5309734513274336) internal successors, (519), 343 states have internal predecessors, (519), 70 states have call successors, (70), 28 states have call predecessors, (70), 28 states have return successors, (69), 68 states have call predecessors, (69), 69 states have call successors, (69) [2025-03-03 14:20:08,680 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 438 states to 438 states and 658 transitions. [2025-03-03 14:20:08,680 INFO L78 Accepts]: Start accepts. Automaton has 438 states and 658 transitions. Word has length 155 [2025-03-03 14:20:08,681 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:08,681 INFO L471 AbstractCegarLoop]: Abstraction has 438 states and 658 transitions. [2025-03-03 14:20:08,681 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:08,681 INFO L276 IsEmpty]: Start isEmpty. Operand 438 states and 658 transitions. [2025-03-03 14:20:08,686 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 161 [2025-03-03 14:20:08,686 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:08,686 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:08,695 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-03-03 14:20:08,887 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:20:08,887 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:08,888 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:08,888 INFO L85 PathProgramCache]: Analyzing trace with hash 464884024, now seen corresponding path program 1 times [2025-03-03 14:20:08,888 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:08,888 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1001762866] [2025-03-03 14:20:08,888 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:08,888 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:08,921 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 160 statements into 1 equivalence classes. [2025-03-03 14:20:08,932 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 160 of 160 statements. [2025-03-03 14:20:08,933 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:08,934 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:09,132 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2025-03-03 14:20:09,133 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:09,133 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1001762866] [2025-03-03 14:20:09,133 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1001762866] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:20:09,134 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1787144450] [2025-03-03 14:20:09,134 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:09,134 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:09,134 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:20:09,136 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:20:09,139 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:20:09,299 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 160 statements into 1 equivalence classes. [2025-03-03 14:20:09,420 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 160 of 160 statements. [2025-03-03 14:20:09,420 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:09,420 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:09,424 INFO L256 TraceCheckSpWp]: Trace formula consists of 1291 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:20:09,429 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:20:09,454 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:20:09,455 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:20:09,455 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1787144450] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:09,455 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:20:09,455 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:20:09,455 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [740429491] [2025-03-03 14:20:09,455 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:09,456 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:09,456 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:09,460 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:09,460 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:20:09,460 INFO L87 Difference]: Start difference. First operand 438 states and 658 transitions. Second operand has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:09,494 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:09,494 INFO L93 Difference]: Finished difference Result 923 states and 1407 transitions. [2025-03-03 14:20:09,495 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:09,495 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 160 [2025-03-03 14:20:09,495 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:09,498 INFO L225 Difference]: With dead ends: 923 [2025-03-03 14:20:09,498 INFO L226 Difference]: Without dead ends: 512 [2025-03-03 14:20:09,500 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 164 GetRequests, 160 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:20:09,501 INFO L435 NwaCegarLoop]: 664 mSDtfsCounter, 134 mSDsluCounter, 609 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 152 SdHoareTripleChecker+Valid, 1273 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:09,501 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [152 Valid, 1273 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:09,502 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 512 states. [2025-03-03 14:20:09,517 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 512 to 504. [2025-03-03 14:20:09,518 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 504 states, 391 states have (on average 1.5524296675191815) internal successors, (607), 395 states have internal predecessors, (607), 84 states have call successors, (84), 28 states have call predecessors, (84), 28 states have return successors, (83), 82 states have call predecessors, (83), 83 states have call successors, (83) [2025-03-03 14:20:09,523 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 504 states to 504 states and 774 transitions. [2025-03-03 14:20:09,523 INFO L78 Accepts]: Start accepts. Automaton has 504 states and 774 transitions. Word has length 160 [2025-03-03 14:20:09,524 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:09,524 INFO L471 AbstractCegarLoop]: Abstraction has 504 states and 774 transitions. [2025-03-03 14:20:09,525 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (22), 2 states have call predecessors, (22), 2 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:09,525 INFO L276 IsEmpty]: Start isEmpty. Operand 504 states and 774 transitions. [2025-03-03 14:20:09,529 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 162 [2025-03-03 14:20:09,529 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:09,530 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:09,537 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2025-03-03 14:20:09,730 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:09,730 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:09,731 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:09,731 INFO L85 PathProgramCache]: Analyzing trace with hash -1174090111, now seen corresponding path program 1 times [2025-03-03 14:20:09,731 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:09,731 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [540004260] [2025-03-03 14:20:09,731 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:09,731 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:09,765 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 161 statements into 1 equivalence classes. [2025-03-03 14:20:09,773 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 161 of 161 statements. [2025-03-03 14:20:09,773 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:09,773 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:09,945 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2025-03-03 14:20:09,945 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:09,945 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [540004260] [2025-03-03 14:20:09,945 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [540004260] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:20:09,945 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1989323006] [2025-03-03 14:20:09,945 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:09,946 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:09,946 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:20:09,947 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:20:09,949 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:20:10,107 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 161 statements into 1 equivalence classes. [2025-03-03 14:20:10,224 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 161 of 161 statements. [2025-03-03 14:20:10,224 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:10,224 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:10,230 INFO L256 TraceCheckSpWp]: Trace formula consists of 1296 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:20:10,236 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:20:10,288 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 33 trivial. 0 not checked. [2025-03-03 14:20:10,289 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:20:10,289 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1989323006] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:10,289 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:20:10,289 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:20:10,289 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1764698597] [2025-03-03 14:20:10,289 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:10,290 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:20:10,290 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:10,290 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:20:10,290 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:20:10,290 INFO L87 Difference]: Start difference. First operand 504 states and 774 transitions. Second operand has 5 states, 4 states have (on average 23.75) internal successors, (95), 5 states have internal predecessors, (95), 3 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 2 states have call predecessors, (19), 3 states have call successors, (19) [2025-03-03 14:20:10,361 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:10,362 INFO L93 Difference]: Finished difference Result 999 states and 1538 transitions. [2025-03-03 14:20:10,362 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:20:10,362 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 23.75) internal successors, (95), 5 states have internal predecessors, (95), 3 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 2 states have call predecessors, (19), 3 states have call successors, (19) Word has length 161 [2025-03-03 14:20:10,363 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:10,367 INFO L225 Difference]: With dead ends: 999 [2025-03-03 14:20:10,367 INFO L226 Difference]: Without dead ends: 506 [2025-03-03 14:20:10,370 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 165 GetRequests, 159 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:20:10,371 INFO L435 NwaCegarLoop]: 648 mSDtfsCounter, 2 mSDsluCounter, 1933 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2581 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:10,371 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2581 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:10,372 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 506 states. [2025-03-03 14:20:10,387 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 506 to 506. [2025-03-03 14:20:10,388 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 506 states, 392 states have (on average 1.5510204081632653) internal successors, (608), 397 states have internal predecessors, (608), 84 states have call successors, (84), 28 states have call predecessors, (84), 29 states have return successors, (85), 82 states have call predecessors, (85), 83 states have call successors, (85) [2025-03-03 14:20:10,391 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 506 states to 506 states and 777 transitions. [2025-03-03 14:20:10,392 INFO L78 Accepts]: Start accepts. Automaton has 506 states and 777 transitions. Word has length 161 [2025-03-03 14:20:10,392 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:10,392 INFO L471 AbstractCegarLoop]: Abstraction has 506 states and 777 transitions. [2025-03-03 14:20:10,392 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 23.75) internal successors, (95), 5 states have internal predecessors, (95), 3 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 2 states have call predecessors, (19), 3 states have call successors, (19) [2025-03-03 14:20:10,393 INFO L276 IsEmpty]: Start isEmpty. Operand 506 states and 777 transitions. [2025-03-03 14:20:10,395 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 182 [2025-03-03 14:20:10,395 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:10,395 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:10,404 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2025-03-03 14:20:10,596 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:10,596 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:10,596 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:10,596 INFO L85 PathProgramCache]: Analyzing trace with hash 345527297, now seen corresponding path program 1 times [2025-03-03 14:20:10,596 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:10,596 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [885687638] [2025-03-03 14:20:10,597 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:10,597 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:10,617 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 181 statements into 1 equivalence classes. [2025-03-03 14:20:10,623 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 181 of 181 statements. [2025-03-03 14:20:10,623 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:10,623 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:10,756 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 56 trivial. 0 not checked. [2025-03-03 14:20:10,756 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:10,756 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [885687638] [2025-03-03 14:20:10,756 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [885687638] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:20:10,756 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [958961005] [2025-03-03 14:20:10,757 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:10,757 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:10,757 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:20:10,758 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:20:10,760 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:20:10,931 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 181 statements into 1 equivalence classes. [2025-03-03 14:20:11,048 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 181 of 181 statements. [2025-03-03 14:20:11,049 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:11,049 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:11,053 INFO L256 TraceCheckSpWp]: Trace formula consists of 1375 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:20:11,057 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:20:11,093 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2025-03-03 14:20:11,094 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:20:11,094 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [958961005] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:11,094 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:20:11,094 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:20:11,094 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [318178143] [2025-03-03 14:20:11,094 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:11,095 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:20:11,095 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:11,095 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:20:11,095 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:20:11,095 INFO L87 Difference]: Start difference. First operand 506 states and 777 transitions. Second operand has 5 states, 5 states have (on average 20.8) internal successors, (104), 5 states have internal predecessors, (104), 3 states have call successors, (25), 2 states have call predecessors, (25), 3 states have return successors, (22), 3 states have call predecessors, (22), 3 states have call successors, (22) [2025-03-03 14:20:11,156 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:11,157 INFO L93 Difference]: Finished difference Result 1001 states and 1543 transitions. [2025-03-03 14:20:11,157 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:20:11,157 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 20.8) internal successors, (104), 5 states have internal predecessors, (104), 3 states have call successors, (25), 2 states have call predecessors, (25), 3 states have return successors, (22), 3 states have call predecessors, (22), 3 states have call successors, (22) Word has length 181 [2025-03-03 14:20:11,157 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:11,160 INFO L225 Difference]: With dead ends: 1001 [2025-03-03 14:20:11,160 INFO L226 Difference]: Without dead ends: 508 [2025-03-03 14:20:11,162 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 188 GetRequests, 179 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:20:11,162 INFO L435 NwaCegarLoop]: 646 mSDtfsCounter, 2 mSDsluCounter, 1921 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2567 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:11,163 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2567 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:11,163 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 508 states. [2025-03-03 14:20:11,175 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 508 to 508. [2025-03-03 14:20:11,176 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 508 states, 393 states have (on average 1.549618320610687) internal successors, (609), 399 states have internal predecessors, (609), 84 states have call successors, (84), 28 states have call predecessors, (84), 30 states have return successors, (90), 82 states have call predecessors, (90), 83 states have call successors, (90) [2025-03-03 14:20:11,179 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 508 states to 508 states and 783 transitions. [2025-03-03 14:20:11,180 INFO L78 Accepts]: Start accepts. Automaton has 508 states and 783 transitions. Word has length 181 [2025-03-03 14:20:11,180 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:11,180 INFO L471 AbstractCegarLoop]: Abstraction has 508 states and 783 transitions. [2025-03-03 14:20:11,181 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 20.8) internal successors, (104), 5 states have internal predecessors, (104), 3 states have call successors, (25), 2 states have call predecessors, (25), 3 states have return successors, (22), 3 states have call predecessors, (22), 3 states have call successors, (22) [2025-03-03 14:20:11,181 INFO L276 IsEmpty]: Start isEmpty. Operand 508 states and 783 transitions. [2025-03-03 14:20:11,183 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 183 [2025-03-03 14:20:11,183 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:11,183 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:11,192 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2025-03-03 14:20:11,388 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:11,388 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:11,388 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:11,388 INFO L85 PathProgramCache]: Analyzing trace with hash 1977580811, now seen corresponding path program 1 times [2025-03-03 14:20:11,388 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:11,388 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1755369794] [2025-03-03 14:20:11,388 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:11,389 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:11,410 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 182 statements into 1 equivalence classes. [2025-03-03 14:20:11,415 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 182 of 182 statements. [2025-03-03 14:20:11,416 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:11,416 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:11,543 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 62 trivial. 0 not checked. [2025-03-03 14:20:11,543 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:11,543 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1755369794] [2025-03-03 14:20:11,543 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1755369794] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:11,543 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:11,543 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:20:11,543 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1444653972] [2025-03-03 14:20:11,543 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:11,544 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:20:11,544 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:11,544 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:20:11,544 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:20:11,545 INFO L87 Difference]: Start difference. First operand 508 states and 783 transitions. Second operand has 5 states, 4 states have (on average 25.0) internal successors, (100), 5 states have internal predecessors, (100), 3 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 3 states have call successors, (22) [2025-03-03 14:20:11,582 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:11,583 INFO L93 Difference]: Finished difference Result 993 states and 1534 transitions. [2025-03-03 14:20:11,583 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:20:11,583 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 25.0) internal successors, (100), 5 states have internal predecessors, (100), 3 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 3 states have call successors, (22) Word has length 182 [2025-03-03 14:20:11,583 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:11,586 INFO L225 Difference]: With dead ends: 993 [2025-03-03 14:20:11,587 INFO L226 Difference]: Without dead ends: 508 [2025-03-03 14:20:11,588 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:20:11,589 INFO L435 NwaCegarLoop]: 649 mSDtfsCounter, 2 mSDsluCounter, 1936 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2585 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:11,589 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2585 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:11,590 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 508 states. [2025-03-03 14:20:11,603 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 508 to 508. [2025-03-03 14:20:11,604 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 508 states, 393 states have (on average 1.549618320610687) internal successors, (609), 399 states have internal predecessors, (609), 84 states have call successors, (84), 28 states have call predecessors, (84), 30 states have return successors, (89), 82 states have call predecessors, (89), 83 states have call successors, (89) [2025-03-03 14:20:11,607 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 508 states to 508 states and 782 transitions. [2025-03-03 14:20:11,608 INFO L78 Accepts]: Start accepts. Automaton has 508 states and 782 transitions. Word has length 182 [2025-03-03 14:20:11,608 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:11,608 INFO L471 AbstractCegarLoop]: Abstraction has 508 states and 782 transitions. [2025-03-03 14:20:11,608 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 25.0) internal successors, (100), 5 states have internal predecessors, (100), 3 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 3 states have call successors, (22) [2025-03-03 14:20:11,609 INFO L276 IsEmpty]: Start isEmpty. Operand 508 states and 782 transitions. [2025-03-03 14:20:11,611 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 184 [2025-03-03 14:20:11,611 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:11,611 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:11,611 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:20:11,612 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:11,612 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:11,612 INFO L85 PathProgramCache]: Analyzing trace with hash 559507692, now seen corresponding path program 2 times [2025-03-03 14:20:11,612 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:11,612 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [399514492] [2025-03-03 14:20:11,613 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:20:11,613 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:11,635 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 183 statements into 2 equivalence classes. [2025-03-03 14:20:11,639 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) and asserted 59 of 183 statements. [2025-03-03 14:20:11,640 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2025-03-03 14:20:11,640 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:11,769 INFO L134 CoverageAnalysis]: Checked inductivity of 69 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 61 trivial. 0 not checked. [2025-03-03 14:20:11,770 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:11,770 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [399514492] [2025-03-03 14:20:11,770 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [399514492] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:11,770 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:11,770 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:20:11,770 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1005153512] [2025-03-03 14:20:11,770 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:11,770 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:20:11,770 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:11,771 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:20:11,771 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:20:11,771 INFO L87 Difference]: Start difference. First operand 508 states and 782 transitions. Second operand has 8 states, 8 states have (on average 12.75) internal successors, (102), 7 states have internal predecessors, (102), 3 states have call successors, (25), 2 states have call predecessors, (25), 3 states have return successors, (22), 4 states have call predecessors, (22), 3 states have call successors, (22) [2025-03-03 14:20:12,229 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:12,229 INFO L93 Difference]: Finished difference Result 1391 states and 2112 transitions. [2025-03-03 14:20:12,230 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2025-03-03 14:20:12,230 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 12.75) internal successors, (102), 7 states have internal predecessors, (102), 3 states have call successors, (25), 2 states have call predecessors, (25), 3 states have return successors, (22), 4 states have call predecessors, (22), 3 states have call successors, (22) Word has length 183 [2025-03-03 14:20:12,231 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:12,237 INFO L225 Difference]: With dead ends: 1391 [2025-03-03 14:20:12,237 INFO L226 Difference]: Without dead ends: 1152 [2025-03-03 14:20:12,239 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=39, Invalid=117, Unknown=0, NotChecked=0, Total=156 [2025-03-03 14:20:12,240 INFO L435 NwaCegarLoop]: 667 mSDtfsCounter, 1351 mSDsluCounter, 3216 mSDsCounter, 0 mSdLazyCounter, 339 mSolverCounterSat, 183 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1372 SdHoareTripleChecker+Valid, 3883 SdHoareTripleChecker+Invalid, 522 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 183 IncrementalHoareTripleChecker+Valid, 339 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:12,240 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1372 Valid, 3883 Invalid, 522 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [183 Valid, 339 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2025-03-03 14:20:12,241 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1152 states. [2025-03-03 14:20:12,280 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1152 to 1011. [2025-03-03 14:20:12,282 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1011 states, 784 states have (on average 1.5535714285714286) internal successors, (1218), 793 states have internal predecessors, (1218), 166 states have call successors, (166), 57 states have call predecessors, (166), 60 states have return successors, (180), 164 states have call predecessors, (180), 164 states have call successors, (180) [2025-03-03 14:20:12,290 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1011 states to 1011 states and 1564 transitions. [2025-03-03 14:20:12,291 INFO L78 Accepts]: Start accepts. Automaton has 1011 states and 1564 transitions. Word has length 183 [2025-03-03 14:20:12,292 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:12,292 INFO L471 AbstractCegarLoop]: Abstraction has 1011 states and 1564 transitions. [2025-03-03 14:20:12,292 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 12.75) internal successors, (102), 7 states have internal predecessors, (102), 3 states have call successors, (25), 2 states have call predecessors, (25), 3 states have return successors, (22), 4 states have call predecessors, (22), 3 states have call successors, (22) [2025-03-03 14:20:12,292 INFO L276 IsEmpty]: Start isEmpty. Operand 1011 states and 1564 transitions. [2025-03-03 14:20:12,297 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 185 [2025-03-03 14:20:12,298 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:12,298 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:12,298 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:20:12,298 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:12,299 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:12,299 INFO L85 PathProgramCache]: Analyzing trace with hash -1530763822, now seen corresponding path program 1 times [2025-03-03 14:20:12,299 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:12,299 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [726088081] [2025-03-03 14:20:12,299 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:12,299 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:12,322 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 184 statements into 1 equivalence classes. [2025-03-03 14:20:12,329 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 184 of 184 statements. [2025-03-03 14:20:12,329 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:12,329 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:12,450 INFO L134 CoverageAnalysis]: Checked inductivity of 69 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 62 trivial. 0 not checked. [2025-03-03 14:20:12,450 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:12,450 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [726088081] [2025-03-03 14:20:12,450 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [726088081] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:12,450 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:12,450 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:20:12,451 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1551498856] [2025-03-03 14:20:12,451 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:12,451 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:20:12,451 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:12,452 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:20:12,452 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:20:12,452 INFO L87 Difference]: Start difference. First operand 1011 states and 1564 transitions. Second operand has 5 states, 4 states have (on average 25.75) internal successors, (103), 5 states have internal predecessors, (103), 3 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 3 states have call successors, (22) [2025-03-03 14:20:12,504 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:12,504 INFO L93 Difference]: Finished difference Result 1991 states and 3088 transitions. [2025-03-03 14:20:12,505 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:20:12,505 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 25.75) internal successors, (103), 5 states have internal predecessors, (103), 3 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 3 states have call successors, (22) Word has length 184 [2025-03-03 14:20:12,505 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:12,510 INFO L225 Difference]: With dead ends: 1991 [2025-03-03 14:20:12,510 INFO L226 Difference]: Without dead ends: 1015 [2025-03-03 14:20:12,513 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:20:12,514 INFO L435 NwaCegarLoop]: 650 mSDtfsCounter, 1 mSDsluCounter, 1938 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2588 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:12,514 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2588 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:12,515 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1015 states. [2025-03-03 14:20:12,576 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1015 to 1015. [2025-03-03 14:20:12,578 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1015 states, 786 states have (on average 1.5521628498727735) internal successors, (1220), 797 states have internal predecessors, (1220), 166 states have call successors, (166), 57 states have call predecessors, (166), 62 states have return successors, (183), 164 states have call predecessors, (183), 164 states have call successors, (183) [2025-03-03 14:20:12,585 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1015 states to 1015 states and 1569 transitions. [2025-03-03 14:20:12,586 INFO L78 Accepts]: Start accepts. Automaton has 1015 states and 1569 transitions. Word has length 184 [2025-03-03 14:20:12,586 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:12,586 INFO L471 AbstractCegarLoop]: Abstraction has 1015 states and 1569 transitions. [2025-03-03 14:20:12,587 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 25.75) internal successors, (103), 5 states have internal predecessors, (103), 3 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 3 states have call successors, (22) [2025-03-03 14:20:12,587 INFO L276 IsEmpty]: Start isEmpty. Operand 1015 states and 1569 transitions. [2025-03-03 14:20:12,590 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 167 [2025-03-03 14:20:12,591 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:12,591 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:12,591 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:20:12,591 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:12,592 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:12,592 INFO L85 PathProgramCache]: Analyzing trace with hash -1228969497, now seen corresponding path program 1 times [2025-03-03 14:20:12,592 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:12,592 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1748285586] [2025-03-03 14:20:12,592 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:12,592 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:12,611 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 166 statements into 1 equivalence classes. [2025-03-03 14:20:12,617 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 166 of 166 statements. [2025-03-03 14:20:12,617 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:12,617 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:12,751 INFO L134 CoverageAnalysis]: Checked inductivity of 53 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 40 trivial. 0 not checked. [2025-03-03 14:20:12,752 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:12,752 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1748285586] [2025-03-03 14:20:12,752 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1748285586] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:12,752 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:12,752 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:20:12,752 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1604282006] [2025-03-03 14:20:12,752 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:12,753 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:20:12,753 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:12,753 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:20:12,753 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:20:12,754 INFO L87 Difference]: Start difference. First operand 1015 states and 1569 transitions. Second operand has 8 states, 7 states have (on average 14.285714285714286) internal successors, (100), 8 states have internal predecessors, (100), 4 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 3 states have call predecessors, (19), 4 states have call successors, (19) [2025-03-03 14:20:12,885 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:12,886 INFO L93 Difference]: Finished difference Result 1989 states and 3080 transitions. [2025-03-03 14:20:12,886 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-03 14:20:12,886 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 14.285714285714286) internal successors, (100), 8 states have internal predecessors, (100), 4 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 3 states have call predecessors, (19), 4 states have call successors, (19) Word has length 166 [2025-03-03 14:20:12,887 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:12,892 INFO L225 Difference]: With dead ends: 1989 [2025-03-03 14:20:12,892 INFO L226 Difference]: Without dead ends: 1019 [2025-03-03 14:20:12,895 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2025-03-03 14:20:12,896 INFO L435 NwaCegarLoop]: 640 mSDtfsCounter, 7 mSDsluCounter, 3811 mSDsCounter, 0 mSdLazyCounter, 145 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 8 SdHoareTripleChecker+Valid, 4451 SdHoareTripleChecker+Invalid, 149 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 145 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:12,896 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [8 Valid, 4451 Invalid, 149 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 145 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:20:12,897 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1019 states. [2025-03-03 14:20:12,924 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1019 to 1017. [2025-03-03 14:20:12,925 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1017 states, 788 states have (on average 1.5507614213197969) internal successors, (1222), 798 states have internal predecessors, (1222), 166 states have call successors, (166), 58 states have call predecessors, (166), 62 states have return successors, (181), 164 states have call predecessors, (181), 164 states have call successors, (181) [2025-03-03 14:20:12,931 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1017 states to 1017 states and 1569 transitions. [2025-03-03 14:20:12,933 INFO L78 Accepts]: Start accepts. Automaton has 1017 states and 1569 transitions. Word has length 166 [2025-03-03 14:20:12,933 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:12,933 INFO L471 AbstractCegarLoop]: Abstraction has 1017 states and 1569 transitions. [2025-03-03 14:20:12,933 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 14.285714285714286) internal successors, (100), 8 states have internal predecessors, (100), 4 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 3 states have call predecessors, (19), 4 states have call successors, (19) [2025-03-03 14:20:12,933 INFO L276 IsEmpty]: Start isEmpty. Operand 1017 states and 1569 transitions. [2025-03-03 14:20:12,937 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 168 [2025-03-03 14:20:12,937 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:12,937 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:12,938 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:20:12,938 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:12,938 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:12,938 INFO L85 PathProgramCache]: Analyzing trace with hash -854415657, now seen corresponding path program 2 times [2025-03-03 14:20:12,938 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:12,938 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [231390673] [2025-03-03 14:20:12,939 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:20:12,939 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:12,956 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 167 statements into 2 equivalence classes. [2025-03-03 14:20:12,962 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) and asserted 62 of 167 statements. [2025-03-03 14:20:12,962 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2025-03-03 14:20:12,962 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:13,070 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 9 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:20:13,071 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:13,071 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [231390673] [2025-03-03 14:20:13,071 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [231390673] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:13,071 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:13,071 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:20:13,071 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1593331581] [2025-03-03 14:20:13,071 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:13,072 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:20:13,072 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:13,072 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:20:13,073 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:20:13,073 INFO L87 Difference]: Start difference. First operand 1017 states and 1569 transitions. Second operand has 8 states, 8 states have (on average 12.375) internal successors, (99), 7 states have internal predecessors, (99), 3 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 4 states have call predecessors, (19), 3 states have call successors, (19) [2025-03-03 14:20:13,602 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:13,602 INFO L93 Difference]: Finished difference Result 2761 states and 4211 transitions. [2025-03-03 14:20:13,602 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2025-03-03 14:20:13,602 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 12.375) internal successors, (99), 7 states have internal predecessors, (99), 3 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 4 states have call predecessors, (19), 3 states have call successors, (19) Word has length 167 [2025-03-03 14:20:13,603 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:13,617 INFO L225 Difference]: With dead ends: 2761 [2025-03-03 14:20:13,617 INFO L226 Difference]: Without dead ends: 2285 [2025-03-03 14:20:13,620 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=40, Invalid=142, Unknown=0, NotChecked=0, Total=182 [2025-03-03 14:20:13,621 INFO L435 NwaCegarLoop]: 687 mSDtfsCounter, 775 mSDsluCounter, 3819 mSDsCounter, 0 mSdLazyCounter, 501 mSolverCounterSat, 37 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 795 SdHoareTripleChecker+Valid, 4506 SdHoareTripleChecker+Invalid, 538 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 37 IncrementalHoareTripleChecker+Valid, 501 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:13,621 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [795 Valid, 4506 Invalid, 538 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [37 Valid, 501 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2025-03-03 14:20:13,623 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2285 states. [2025-03-03 14:20:13,720 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2285 to 2005. [2025-03-03 14:20:13,723 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2005 states, 1557 states have (on average 1.5561978163134234) internal successors, (2423), 1578 states have internal predecessors, (2423), 322 states have call successors, (322), 114 states have call predecessors, (322), 125 states have return successors, (374), 320 states have call predecessors, (374), 318 states have call successors, (374) [2025-03-03 14:20:13,735 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2005 states to 2005 states and 3119 transitions. [2025-03-03 14:20:13,737 INFO L78 Accepts]: Start accepts. Automaton has 2005 states and 3119 transitions. Word has length 167 [2025-03-03 14:20:13,738 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:13,738 INFO L471 AbstractCegarLoop]: Abstraction has 2005 states and 3119 transitions. [2025-03-03 14:20:13,738 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 12.375) internal successors, (99), 7 states have internal predecessors, (99), 3 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 4 states have call predecessors, (19), 3 states have call successors, (19) [2025-03-03 14:20:13,738 INFO L276 IsEmpty]: Start isEmpty. Operand 2005 states and 3119 transitions. [2025-03-03 14:20:13,746 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 168 [2025-03-03 14:20:13,747 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:13,749 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:13,749 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2025-03-03 14:20:13,749 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:13,750 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:13,750 INFO L85 PathProgramCache]: Analyzing trace with hash 1271149659, now seen corresponding path program 1 times [2025-03-03 14:20:13,750 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:13,750 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1230625639] [2025-03-03 14:20:13,750 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:13,750 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:13,770 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 167 statements into 1 equivalence classes. [2025-03-03 14:20:13,774 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 167 of 167 statements. [2025-03-03 14:20:13,774 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:13,774 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:13,846 INFO L134 CoverageAnalysis]: Checked inductivity of 56 backedges. 0 proven. 8 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-03-03 14:20:13,846 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:13,846 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1230625639] [2025-03-03 14:20:13,846 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1230625639] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:20:13,846 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [468712500] [2025-03-03 14:20:13,846 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:13,846 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:13,847 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:20:13,848 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:20:13,850 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:20:14,006 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 167 statements into 1 equivalence classes. [2025-03-03 14:20:14,104 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 167 of 167 statements. [2025-03-03 14:20:14,104 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:14,104 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:14,108 INFO L256 TraceCheckSpWp]: Trace formula consists of 1302 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:20:14,112 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:20:14,161 INFO L134 CoverageAnalysis]: Checked inductivity of 56 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:20:14,162 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:20:14,163 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [468712500] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:14,163 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:20:14,163 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:20:14,163 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [139938351] [2025-03-03 14:20:14,163 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:14,163 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:20:14,163 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:14,164 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:20:14,164 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:20:14,164 INFO L87 Difference]: Start difference. First operand 2005 states and 3119 transitions. Second operand has 5 states, 5 states have (on average 19.4) internal successors, (97), 5 states have internal predecessors, (97), 2 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:14,242 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:14,242 INFO L93 Difference]: Finished difference Result 3025 states and 4697 transitions. [2025-03-03 14:20:14,243 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:20:14,243 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 19.4) internal successors, (97), 5 states have internal predecessors, (97), 2 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 167 [2025-03-03 14:20:14,243 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:14,253 INFO L225 Difference]: With dead ends: 3025 [2025-03-03 14:20:14,253 INFO L226 Difference]: Without dead ends: 2019 [2025-03-03 14:20:14,257 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 171 GetRequests, 165 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:20:14,258 INFO L435 NwaCegarLoop]: 649 mSDtfsCounter, 1 mSDsluCounter, 1929 mSDsCounter, 0 mSdLazyCounter, 48 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2578 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 48 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:14,258 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2578 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 48 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:14,260 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2019 states. [2025-03-03 14:20:14,340 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2019 to 2007. [2025-03-03 14:20:14,343 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2007 states, 1558 states have (on average 1.5558408215661104) internal successors, (2424), 1580 states have internal predecessors, (2424), 322 states have call successors, (322), 114 states have call predecessors, (322), 126 states have return successors, (376), 320 states have call predecessors, (376), 318 states have call successors, (376) [2025-03-03 14:20:14,351 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2007 states to 2007 states and 3122 transitions. [2025-03-03 14:20:14,353 INFO L78 Accepts]: Start accepts. Automaton has 2007 states and 3122 transitions. Word has length 167 [2025-03-03 14:20:14,353 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:14,353 INFO L471 AbstractCegarLoop]: Abstraction has 2007 states and 3122 transitions. [2025-03-03 14:20:14,353 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 19.4) internal successors, (97), 5 states have internal predecessors, (97), 2 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:14,354 INFO L276 IsEmpty]: Start isEmpty. Operand 2007 states and 3122 transitions. [2025-03-03 14:20:14,360 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 169 [2025-03-03 14:20:14,360 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:14,360 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:14,369 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Ended with exit code 0 [2025-03-03 14:20:14,561 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:14,561 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:14,562 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:14,562 INFO L85 PathProgramCache]: Analyzing trace with hash -1746760566, now seen corresponding path program 1 times [2025-03-03 14:20:14,562 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:14,562 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [320004399] [2025-03-03 14:20:14,562 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:14,562 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:14,580 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 168 statements into 1 equivalence classes. [2025-03-03 14:20:14,584 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 168 of 168 statements. [2025-03-03 14:20:14,584 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:14,584 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:14,682 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 40 trivial. 0 not checked. [2025-03-03 14:20:14,682 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:14,682 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [320004399] [2025-03-03 14:20:14,682 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [320004399] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:14,682 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:14,682 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:20:14,682 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1457865928] [2025-03-03 14:20:14,682 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:14,683 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:20:14,683 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:14,683 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:20:14,683 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:20:14,684 INFO L87 Difference]: Start difference. First operand 2007 states and 3122 transitions. Second operand has 8 states, 7 states have (on average 14.571428571428571) internal successors, (102), 8 states have internal predecessors, (102), 4 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 3 states have call predecessors, (19), 4 states have call successors, (19) [2025-03-03 14:20:14,806 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:14,806 INFO L93 Difference]: Finished difference Result 2987 states and 4642 transitions. [2025-03-03 14:20:14,807 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-03 14:20:14,807 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 14.571428571428571) internal successors, (102), 8 states have internal predecessors, (102), 4 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 3 states have call predecessors, (19), 4 states have call successors, (19) Word has length 168 [2025-03-03 14:20:14,807 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:14,813 INFO L225 Difference]: With dead ends: 2987 [2025-03-03 14:20:14,813 INFO L226 Difference]: Without dead ends: 1029 [2025-03-03 14:20:14,819 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2025-03-03 14:20:14,820 INFO L435 NwaCegarLoop]: 642 mSDtfsCounter, 5 mSDsluCounter, 3823 mSDsCounter, 0 mSdLazyCounter, 151 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 6 SdHoareTripleChecker+Valid, 4465 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 151 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:14,820 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [6 Valid, 4465 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 151 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:20:14,821 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1029 states. [2025-03-03 14:20:14,848 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1029 to 1027. [2025-03-03 14:20:14,849 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1027 states, 795 states have (on average 1.5459119496855347) internal successors, (1229), 807 states have internal predecessors, (1229), 166 states have call successors, (166), 59 states have call predecessors, (166), 65 states have return successors, (190), 164 states have call predecessors, (190), 164 states have call successors, (190) [2025-03-03 14:20:14,853 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1027 states to 1027 states and 1585 transitions. [2025-03-03 14:20:14,855 INFO L78 Accepts]: Start accepts. Automaton has 1027 states and 1585 transitions. Word has length 168 [2025-03-03 14:20:14,855 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:14,855 INFO L471 AbstractCegarLoop]: Abstraction has 1027 states and 1585 transitions. [2025-03-03 14:20:14,855 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 14.571428571428571) internal successors, (102), 8 states have internal predecessors, (102), 4 states have call successors, (22), 2 states have call predecessors, (22), 3 states have return successors, (19), 3 states have call predecessors, (19), 4 states have call successors, (19) [2025-03-03 14:20:14,855 INFO L276 IsEmpty]: Start isEmpty. Operand 1027 states and 1585 transitions. [2025-03-03 14:20:14,859 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 169 [2025-03-03 14:20:14,859 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:14,860 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:14,860 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-03 14:20:14,860 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:14,860 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:14,860 INFO L85 PathProgramCache]: Analyzing trace with hash -948032956, now seen corresponding path program 1 times [2025-03-03 14:20:14,860 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:14,860 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [866335795] [2025-03-03 14:20:14,861 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:14,861 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:14,877 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 168 statements into 1 equivalence classes. [2025-03-03 14:20:14,883 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 168 of 168 statements. [2025-03-03 14:20:14,883 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:14,883 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:14,937 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-03-03 14:20:14,937 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:14,937 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [866335795] [2025-03-03 14:20:14,937 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [866335795] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:20:14,937 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [597176498] [2025-03-03 14:20:14,937 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:14,937 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:14,938 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:20:14,939 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:20:14,941 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2025-03-03 14:20:15,106 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 168 statements into 1 equivalence classes. [2025-03-03 14:20:15,232 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 168 of 168 statements. [2025-03-03 14:20:15,232 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:15,232 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:15,236 INFO L256 TraceCheckSpWp]: Trace formula consists of 1303 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:20:15,238 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:20:15,259 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-03-03 14:20:15,259 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:20:15,337 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-03-03 14:20:15,338 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [597176498] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:20:15,338 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:20:15,338 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-03 14:20:15,338 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1897520735] [2025-03-03 14:20:15,338 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:20:15,339 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-03 14:20:15,339 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:15,339 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-03 14:20:15,339 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:20:15,339 INFO L87 Difference]: Start difference. First operand 1027 states and 1585 transitions. Second operand has 7 states, 7 states have (on average 19.571428571428573) internal successors, (137), 7 states have internal predecessors, (137), 2 states have call successors, (35), 2 states have call predecessors, (35), 2 states have return successors, (32), 2 states have call predecessors, (32), 2 states have call successors, (32) [2025-03-03 14:20:15,475 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:15,476 INFO L93 Difference]: Finished difference Result 2393 states and 3822 transitions. [2025-03-03 14:20:15,476 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:20:15,476 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 19.571428571428573) internal successors, (137), 7 states have internal predecessors, (137), 2 states have call successors, (35), 2 states have call predecessors, (35), 2 states have return successors, (32), 2 states have call predecessors, (32), 2 states have call successors, (32) Word has length 168 [2025-03-03 14:20:15,477 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:15,486 INFO L225 Difference]: With dead ends: 2393 [2025-03-03 14:20:15,486 INFO L226 Difference]: Without dead ends: 1901 [2025-03-03 14:20:15,489 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 338 GetRequests, 333 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:20:15,489 INFO L435 NwaCegarLoop]: 692 mSDtfsCounter, 700 mSDsluCounter, 1207 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 754 SdHoareTripleChecker+Valid, 1899 SdHoareTripleChecker+Invalid, 114 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:15,489 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [754 Valid, 1899 Invalid, 114 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:20:15,491 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1901 states. [2025-03-03 14:20:15,536 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1901 to 1853. [2025-03-03 14:20:15,539 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1853 states, 1463 states have (on average 1.6165413533834587) internal successors, (2365), 1475 states have internal predecessors, (2365), 324 states have call successors, (324), 59 states have call predecessors, (324), 65 states have return successors, (373), 322 states have call predecessors, (373), 322 states have call successors, (373) [2025-03-03 14:20:15,546 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1853 states to 1853 states and 3062 transitions. [2025-03-03 14:20:15,548 INFO L78 Accepts]: Start accepts. Automaton has 1853 states and 3062 transitions. Word has length 168 [2025-03-03 14:20:15,548 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:15,548 INFO L471 AbstractCegarLoop]: Abstraction has 1853 states and 3062 transitions. [2025-03-03 14:20:15,548 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 19.571428571428573) internal successors, (137), 7 states have internal predecessors, (137), 2 states have call successors, (35), 2 states have call predecessors, (35), 2 states have return successors, (32), 2 states have call predecessors, (32), 2 states have call successors, (32) [2025-03-03 14:20:15,548 INFO L276 IsEmpty]: Start isEmpty. Operand 1853 states and 3062 transitions. [2025-03-03 14:20:15,555 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 194 [2025-03-03 14:20:15,556 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:15,556 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:15,564 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Ended with exit code 0 [2025-03-03 14:20:15,756 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12,8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:20:15,757 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:15,757 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:15,757 INFO L85 PathProgramCache]: Analyzing trace with hash -980466503, now seen corresponding path program 1 times [2025-03-03 14:20:15,757 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:15,757 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [780259239] [2025-03-03 14:20:15,757 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:15,757 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:15,776 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 193 statements into 1 equivalence classes. [2025-03-03 14:20:15,782 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 193 of 193 statements. [2025-03-03 14:20:15,782 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:15,782 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:15,814 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2025-03-03 14:20:15,814 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:15,814 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [780259239] [2025-03-03 14:20:15,814 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [780259239] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:15,814 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:15,815 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:20:15,815 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1788776675] [2025-03-03 14:20:15,815 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:15,815 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:15,815 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:15,815 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:15,816 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:15,816 INFO L87 Difference]: Start difference. First operand 1853 states and 3062 transitions. Second operand has 3 states, 3 states have (on average 36.666666666666664) internal successors, (110), 3 states have internal predecessors, (110), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:20:15,871 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:15,872 INFO L93 Difference]: Finished difference Result 4415 states and 7407 transitions. [2025-03-03 14:20:15,872 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:15,872 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 36.666666666666664) internal successors, (110), 3 states have internal predecessors, (110), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) Word has length 193 [2025-03-03 14:20:15,872 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:15,885 INFO L225 Difference]: With dead ends: 4415 [2025-03-03 14:20:15,886 INFO L226 Difference]: Without dead ends: 2689 [2025-03-03 14:20:15,892 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:15,893 INFO L435 NwaCegarLoop]: 666 mSDtfsCounter, 132 mSDsluCounter, 652 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 1318 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:15,893 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 1318 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:15,895 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2689 states. [2025-03-03 14:20:15,963 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2689 to 2673. [2025-03-03 14:20:15,967 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2673 states, 2125 states have (on average 1.6352941176470588) internal successors, (3475), 2137 states have internal predecessors, (3475), 482 states have call successors, (482), 59 states have call predecessors, (482), 65 states have return successors, (556), 480 states have call predecessors, (556), 480 states have call successors, (556) [2025-03-03 14:20:15,976 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2673 states to 2673 states and 4513 transitions. [2025-03-03 14:20:15,979 INFO L78 Accepts]: Start accepts. Automaton has 2673 states and 4513 transitions. Word has length 193 [2025-03-03 14:20:15,979 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:15,979 INFO L471 AbstractCegarLoop]: Abstraction has 2673 states and 4513 transitions. [2025-03-03 14:20:15,980 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 36.666666666666664) internal successors, (110), 3 states have internal predecessors, (110), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:20:15,980 INFO L276 IsEmpty]: Start isEmpty. Operand 2673 states and 4513 transitions. [2025-03-03 14:20:15,991 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 176 [2025-03-03 14:20:15,991 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:15,991 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:15,991 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:20:15,991 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:15,991 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:15,992 INFO L85 PathProgramCache]: Analyzing trace with hash -966562178, now seen corresponding path program 1 times [2025-03-03 14:20:15,992 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:15,992 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [219896499] [2025-03-03 14:20:15,992 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:15,992 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:16,029 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 175 statements into 1 equivalence classes. [2025-03-03 14:20:16,035 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 175 of 175 statements. [2025-03-03 14:20:16,035 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:16,035 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:16,064 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-03-03 14:20:16,064 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:16,064 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [219896499] [2025-03-03 14:20:16,064 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [219896499] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:16,064 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:16,064 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:20:16,064 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2044134164] [2025-03-03 14:20:16,064 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:16,064 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:16,064 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:16,065 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:16,065 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:16,065 INFO L87 Difference]: Start difference. First operand 2673 states and 4513 transitions. Second operand has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:16,136 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:16,137 INFO L93 Difference]: Finished difference Result 6421 states and 10934 transitions. [2025-03-03 14:20:16,137 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:16,137 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 175 [2025-03-03 14:20:16,137 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:16,157 INFO L225 Difference]: With dead ends: 6421 [2025-03-03 14:20:16,157 INFO L226 Difference]: Without dead ends: 3977 [2025-03-03 14:20:16,166 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:16,167 INFO L435 NwaCegarLoop]: 655 mSDtfsCounter, 130 mSDsluCounter, 649 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 148 SdHoareTripleChecker+Valid, 1304 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:16,167 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [148 Valid, 1304 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:16,172 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 3977 states. [2025-03-03 14:20:16,289 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 3977 to 3961. [2025-03-03 14:20:16,298 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3961 states, 3175 states have (on average 1.6481889763779527) internal successors, (5233), 3187 states have internal predecessors, (5233), 720 states have call successors, (720), 59 states have call predecessors, (720), 65 states have return successors, (810), 718 states have call predecessors, (810), 718 states have call successors, (810) [2025-03-03 14:20:16,319 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3961 states to 3961 states and 6763 transitions. [2025-03-03 14:20:16,327 INFO L78 Accepts]: Start accepts. Automaton has 3961 states and 6763 transitions. Word has length 175 [2025-03-03 14:20:16,327 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:16,327 INFO L471 AbstractCegarLoop]: Abstraction has 3961 states and 6763 transitions. [2025-03-03 14:20:16,328 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:16,328 INFO L276 IsEmpty]: Start isEmpty. Operand 3961 states and 6763 transitions. [2025-03-03 14:20:16,355 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 177 [2025-03-03 14:20:16,355 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:16,355 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:16,355 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:20:16,356 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:16,357 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:16,357 INFO L85 PathProgramCache]: Analyzing trace with hash 1703183269, now seen corresponding path program 1 times [2025-03-03 14:20:16,357 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:16,357 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1276794084] [2025-03-03 14:20:16,357 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:16,357 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:16,382 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 176 statements into 1 equivalence classes. [2025-03-03 14:20:16,392 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 176 of 176 statements. [2025-03-03 14:20:16,392 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:16,392 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:16,438 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-03-03 14:20:16,438 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:16,439 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1276794084] [2025-03-03 14:20:16,439 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1276794084] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:16,439 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:16,439 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:20:16,439 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1214369848] [2025-03-03 14:20:16,439 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:16,440 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:16,440 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:16,440 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:16,440 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:16,441 INFO L87 Difference]: Start difference. First operand 3961 states and 6763 transitions. Second operand has 3 states, 3 states have (on average 35.0) internal successors, (105), 3 states have internal predecessors, (105), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:16,595 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:16,596 INFO L93 Difference]: Finished difference Result 9445 states and 16268 transitions. [2025-03-03 14:20:16,596 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:16,596 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 35.0) internal successors, (105), 3 states have internal predecessors, (105), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 176 [2025-03-03 14:20:16,597 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:16,645 INFO L225 Difference]: With dead ends: 9445 [2025-03-03 14:20:16,645 INFO L226 Difference]: Without dead ends: 5957 [2025-03-03 14:20:16,660 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:16,661 INFO L435 NwaCegarLoop]: 655 mSDtfsCounter, 128 mSDsluCounter, 646 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 1301 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:16,661 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 1301 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:16,668 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 5957 states. [2025-03-03 14:20:16,832 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 5957 to 5941. [2025-03-03 14:20:16,841 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5941 states, 4831 states have (on average 1.658248809770234) internal successors, (8011), 4843 states have internal predecessors, (8011), 1044 states have call successors, (1044), 59 states have call predecessors, (1044), 65 states have return successors, (1184), 1042 states have call predecessors, (1184), 1042 states have call successors, (1184) [2025-03-03 14:20:16,864 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5941 states to 5941 states and 10239 transitions. [2025-03-03 14:20:16,868 INFO L78 Accepts]: Start accepts. Automaton has 5941 states and 10239 transitions. Word has length 176 [2025-03-03 14:20:16,869 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:16,869 INFO L471 AbstractCegarLoop]: Abstraction has 5941 states and 10239 transitions. [2025-03-03 14:20:16,869 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 35.0) internal successors, (105), 3 states have internal predecessors, (105), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:16,869 INFO L276 IsEmpty]: Start isEmpty. Operand 5941 states and 10239 transitions. [2025-03-03 14:20:16,896 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 197 [2025-03-03 14:20:16,896 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:16,896 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:16,896 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:20:16,897 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:16,897 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:16,897 INFO L85 PathProgramCache]: Analyzing trace with hash -1090046240, now seen corresponding path program 1 times [2025-03-03 14:20:16,897 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:16,898 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [160931931] [2025-03-03 14:20:16,898 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:16,898 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:16,915 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 196 statements into 1 equivalence classes. [2025-03-03 14:20:16,921 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 196 of 196 statements. [2025-03-03 14:20:16,921 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:16,921 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:16,954 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2025-03-03 14:20:16,954 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:16,954 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [160931931] [2025-03-03 14:20:16,955 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [160931931] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:16,955 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:16,955 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:20:16,955 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1836419874] [2025-03-03 14:20:16,955 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:16,955 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:16,955 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:16,956 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:16,956 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:16,957 INFO L87 Difference]: Start difference. First operand 5941 states and 10239 transitions. Second operand has 3 states, 3 states have (on average 37.666666666666664) internal successors, (113), 3 states have internal predecessors, (113), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:20:17,146 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:17,146 INFO L93 Difference]: Finished difference Result 14231 states and 24722 transitions. [2025-03-03 14:20:17,146 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:17,147 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 37.666666666666664) internal successors, (113), 3 states have internal predecessors, (113), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) Word has length 196 [2025-03-03 14:20:17,147 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:17,183 INFO L225 Difference]: With dead ends: 14231 [2025-03-03 14:20:17,183 INFO L226 Difference]: Without dead ends: 9163 [2025-03-03 14:20:17,202 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:17,203 INFO L435 NwaCegarLoop]: 655 mSDtfsCounter, 126 mSDsluCounter, 646 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1301 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:17,203 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1301 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:17,213 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 9163 states. [2025-03-03 14:20:17,485 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 9163 to 9147. [2025-03-03 14:20:17,496 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9147 states, 7547 states have (on average 1.665429972174374) internal successors, (12569), 7559 states have internal predecessors, (12569), 1534 states have call successors, (1534), 59 states have call predecessors, (1534), 65 states have return successors, (1757), 1532 states have call predecessors, (1757), 1532 states have call successors, (1757) [2025-03-03 14:20:17,522 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9147 states to 9147 states and 15860 transitions. [2025-03-03 14:20:17,526 INFO L78 Accepts]: Start accepts. Automaton has 9147 states and 15860 transitions. Word has length 196 [2025-03-03 14:20:17,526 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:17,526 INFO L471 AbstractCegarLoop]: Abstraction has 9147 states and 15860 transitions. [2025-03-03 14:20:17,526 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 37.666666666666664) internal successors, (113), 3 states have internal predecessors, (113), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:20:17,526 INFO L276 IsEmpty]: Start isEmpty. Operand 9147 states and 15860 transitions. [2025-03-03 14:20:17,561 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 198 [2025-03-03 14:20:17,561 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:17,561 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:17,561 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:20:17,561 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:17,562 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:17,562 INFO L85 PathProgramCache]: Analyzing trace with hash 1740106455, now seen corresponding path program 1 times [2025-03-03 14:20:17,562 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:17,562 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [291208044] [2025-03-03 14:20:17,562 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:17,563 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:17,581 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 197 statements into 1 equivalence classes. [2025-03-03 14:20:17,589 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 197 of 197 statements. [2025-03-03 14:20:17,589 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:17,589 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:17,619 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2025-03-03 14:20:17,619 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:17,619 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [291208044] [2025-03-03 14:20:17,619 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [291208044] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:17,619 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:17,620 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:20:17,620 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [638640588] [2025-03-03 14:20:17,620 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:17,620 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:17,620 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:17,620 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:17,620 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:17,621 INFO L87 Difference]: Start difference. First operand 9147 states and 15860 transitions. Second operand has 3 states, 3 states have (on average 38.0) internal successors, (114), 3 states have internal predecessors, (114), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:20:17,869 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:17,869 INFO L93 Difference]: Finished difference Result 22211 states and 38821 transitions. [2025-03-03 14:20:17,869 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:17,870 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 38.0) internal successors, (114), 3 states have internal predecessors, (114), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) Word has length 197 [2025-03-03 14:20:17,870 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:17,920 INFO L225 Difference]: With dead ends: 22211 [2025-03-03 14:20:17,920 INFO L226 Difference]: Without dead ends: 14551 [2025-03-03 14:20:17,941 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:17,942 INFO L435 NwaCegarLoop]: 673 mSDtfsCounter, 124 mSDsluCounter, 646 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1319 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:17,942 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1319 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:17,953 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 14551 states. [2025-03-03 14:20:18,391 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 14551 to 14535. [2025-03-03 14:20:18,413 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 14535 states, 11949 states have (on average 1.665495020503808) internal successors, (19901), 11961 states have internal predecessors, (19901), 2520 states have call successors, (2520), 59 states have call predecessors, (2520), 65 states have return successors, (2887), 2518 states have call predecessors, (2887), 2518 states have call successors, (2887) [2025-03-03 14:20:18,470 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14535 states to 14535 states and 25308 transitions. [2025-03-03 14:20:18,477 INFO L78 Accepts]: Start accepts. Automaton has 14535 states and 25308 transitions. Word has length 197 [2025-03-03 14:20:18,478 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:18,478 INFO L471 AbstractCegarLoop]: Abstraction has 14535 states and 25308 transitions. [2025-03-03 14:20:18,478 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 38.0) internal successors, (114), 3 states have internal predecessors, (114), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:20:18,478 INFO L276 IsEmpty]: Start isEmpty. Operand 14535 states and 25308 transitions. [2025-03-03 14:20:18,529 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 199 [2025-03-03 14:20:18,530 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:18,530 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:18,530 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:20:18,530 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:18,531 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:18,531 INFO L85 PathProgramCache]: Analyzing trace with hash -1451098111, now seen corresponding path program 1 times [2025-03-03 14:20:18,531 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:18,531 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [981582158] [2025-03-03 14:20:18,531 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:18,531 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:18,554 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 198 statements into 1 equivalence classes. [2025-03-03 14:20:18,563 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 198 of 198 statements. [2025-03-03 14:20:18,563 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:18,563 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:18,604 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2025-03-03 14:20:18,605 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:18,605 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [981582158] [2025-03-03 14:20:18,605 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [981582158] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:18,605 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:18,605 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:20:18,606 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [961691615] [2025-03-03 14:20:18,606 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:18,606 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:18,606 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:18,606 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:18,606 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:18,607 INFO L87 Difference]: Start difference. First operand 14535 states and 25308 transitions. Second operand has 3 states, 3 states have (on average 38.333333333333336) internal successors, (115), 3 states have internal predecessors, (115), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:20:19,169 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:19,169 INFO L93 Difference]: Finished difference Result 36671 states and 64229 transitions. [2025-03-03 14:20:19,170 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:19,170 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 38.333333333333336) internal successors, (115), 3 states have internal predecessors, (115), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) Word has length 198 [2025-03-03 14:20:19,170 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:19,432 INFO L225 Difference]: With dead ends: 36671 [2025-03-03 14:20:19,432 INFO L226 Difference]: Without dead ends: 24365 [2025-03-03 14:20:19,456 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:19,457 INFO L435 NwaCegarLoop]: 657 mSDtfsCounter, 122 mSDsluCounter, 649 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1306 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:19,457 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1306 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:19,477 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 24365 states. [2025-03-03 14:20:20,142 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 24365 to 24349. [2025-03-03 14:20:20,179 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 24349 states, 20119 states have (on average 1.6669317560514936) internal successors, (33537), 20131 states have internal predecessors, (33537), 4164 states have call successors, (4164), 59 states have call predecessors, (4164), 65 states have return successors, (4720), 4162 states have call predecessors, (4720), 4162 states have call successors, (4720) [2025-03-03 14:20:20,254 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 24349 states to 24349 states and 42421 transitions. [2025-03-03 14:20:20,265 INFO L78 Accepts]: Start accepts. Automaton has 24349 states and 42421 transitions. Word has length 198 [2025-03-03 14:20:20,265 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:20,265 INFO L471 AbstractCegarLoop]: Abstraction has 24349 states and 42421 transitions. [2025-03-03 14:20:20,265 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 38.333333333333336) internal successors, (115), 3 states have internal predecessors, (115), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:20:20,266 INFO L276 IsEmpty]: Start isEmpty. Operand 24349 states and 42421 transitions. [2025-03-03 14:20:20,343 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 181 [2025-03-03 14:20:20,343 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:20,344 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:20,344 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:20:20,344 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:20,344 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:20,344 INFO L85 PathProgramCache]: Analyzing trace with hash 1908615943, now seen corresponding path program 1 times [2025-03-03 14:20:20,344 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:20,345 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [512700622] [2025-03-03 14:20:20,345 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:20,345 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:20,364 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 180 statements into 1 equivalence classes. [2025-03-03 14:20:20,369 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 180 of 180 statements. [2025-03-03 14:20:20,370 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:20,370 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:20,398 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-03-03 14:20:20,398 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:20,398 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [512700622] [2025-03-03 14:20:20,399 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [512700622] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:20,399 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:20,399 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:20:20,399 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [631821927] [2025-03-03 14:20:20,399 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:20,399 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:20,400 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:20,401 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:20,401 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:20,401 INFO L87 Difference]: Start difference. First operand 24349 states and 42421 transitions. Second operand has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:21,088 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:21,089 INFO L93 Difference]: Finished difference Result 58183 states and 101369 transitions. [2025-03-03 14:20:21,089 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:21,090 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 180 [2025-03-03 14:20:21,090 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:21,241 INFO L225 Difference]: With dead ends: 58183 [2025-03-03 14:20:21,241 INFO L226 Difference]: Without dead ends: 37997 [2025-03-03 14:20:21,297 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:21,299 INFO L435 NwaCegarLoop]: 657 mSDtfsCounter, 120 mSDsluCounter, 621 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1278 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:21,300 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1278 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:21,332 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 37997 states. [2025-03-03 14:20:22,786 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 37997 to 37981. [2025-03-03 14:20:22,837 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 37981 states, 31345 states have (on average 1.6445047056946882) internal successors, (51547), 31357 states have internal predecessors, (51547), 6570 states have call successors, (6570), 59 states have call predecessors, (6570), 65 states have return successors, (7551), 6568 states have call predecessors, (7551), 6568 states have call successors, (7551) [2025-03-03 14:20:22,956 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 37981 states to 37981 states and 65668 transitions. [2025-03-03 14:20:22,975 INFO L78 Accepts]: Start accepts. Automaton has 37981 states and 65668 transitions. Word has length 180 [2025-03-03 14:20:22,976 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:22,976 INFO L471 AbstractCegarLoop]: Abstraction has 37981 states and 65668 transitions. [2025-03-03 14:20:22,976 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:22,976 INFO L276 IsEmpty]: Start isEmpty. Operand 37981 states and 65668 transitions. [2025-03-03 14:20:23,095 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 201 [2025-03-03 14:20:23,095 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:23,095 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:23,095 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:20:23,096 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:23,096 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:23,096 INFO L85 PathProgramCache]: Analyzing trace with hash 171515042, now seen corresponding path program 1 times [2025-03-03 14:20:23,096 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:23,096 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [967649380] [2025-03-03 14:20:23,096 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:23,096 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:23,115 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 200 statements into 1 equivalence classes. [2025-03-03 14:20:23,122 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 200 of 200 statements. [2025-03-03 14:20:23,123 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:23,123 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:23,153 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2025-03-03 14:20:23,153 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:23,153 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [967649380] [2025-03-03 14:20:23,153 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [967649380] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:23,153 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:23,154 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:20:23,154 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [31337105] [2025-03-03 14:20:23,154 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:23,154 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:23,154 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:23,155 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:23,155 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:23,155 INFO L87 Difference]: Start difference. First operand 37981 states and 65668 transitions. Second operand has 3 states, 3 states have (on average 39.0) internal successors, (117), 3 states have internal predecessors, (117), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:20:24,360 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:24,361 INFO L93 Difference]: Finished difference Result 100257 states and 174142 transitions. [2025-03-03 14:20:24,361 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:24,362 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 39.0) internal successors, (117), 3 states have internal predecessors, (117), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) Word has length 200 [2025-03-03 14:20:24,362 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:24,654 INFO L225 Difference]: With dead ends: 100257 [2025-03-03 14:20:24,654 INFO L226 Difference]: Without dead ends: 67707 [2025-03-03 14:20:24,745 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:24,746 INFO L435 NwaCegarLoop]: 655 mSDtfsCounter, 118 mSDsluCounter, 649 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1304 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:24,746 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1304 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:24,795 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67707 states. [2025-03-03 14:20:27,040 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67707 to 67691. [2025-03-03 14:20:27,138 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67691 states, 56155 states have (on average 1.642258035793785) internal successors, (92221), 56167 states have internal predecessors, (92221), 11470 states have call successors, (11470), 59 states have call predecessors, (11470), 65 states have return successors, (13265), 11468 states have call predecessors, (13265), 11468 states have call successors, (13265) [2025-03-03 14:20:27,414 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67691 states to 67691 states and 116956 transitions. [2025-03-03 14:20:27,447 INFO L78 Accepts]: Start accepts. Automaton has 67691 states and 116956 transitions. Word has length 200 [2025-03-03 14:20:27,447 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:27,448 INFO L471 AbstractCegarLoop]: Abstraction has 67691 states and 116956 transitions. [2025-03-03 14:20:27,448 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 39.0) internal successors, (117), 3 states have internal predecessors, (117), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:20:27,448 INFO L276 IsEmpty]: Start isEmpty. Operand 67691 states and 116956 transitions. [2025-03-03 14:20:27,665 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 183 [2025-03-03 14:20:27,665 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:27,665 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:27,666 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-03 14:20:27,666 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:27,666 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:27,666 INFO L85 PathProgramCache]: Analyzing trace with hash -1784599416, now seen corresponding path program 1 times [2025-03-03 14:20:27,666 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:27,666 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1289235268] [2025-03-03 14:20:27,666 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:27,667 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:27,689 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 182 statements into 1 equivalence classes. [2025-03-03 14:20:27,696 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 182 of 182 statements. [2025-03-03 14:20:27,697 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:27,697 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:27,734 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2025-03-03 14:20:27,735 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:27,735 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1289235268] [2025-03-03 14:20:27,735 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1289235268] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:27,735 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:27,735 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:20:27,735 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [504161929] [2025-03-03 14:20:27,735 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:27,736 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:27,736 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:27,736 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:27,736 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:27,737 INFO L87 Difference]: Start difference. First operand 67691 states and 116956 transitions. Second operand has 3 states, 3 states have (on average 37.0) internal successors, (111), 3 states have internal predecessors, (111), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:30,250 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:30,250 INFO L93 Difference]: Finished difference Result 184441 states and 319326 transitions. [2025-03-03 14:20:30,250 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:30,251 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 37.0) internal successors, (111), 3 states have internal predecessors, (111), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) Word has length 182 [2025-03-03 14:20:30,251 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:30,957 INFO L225 Difference]: With dead ends: 184441 [2025-03-03 14:20:30,957 INFO L226 Difference]: Without dead ends: 123995 [2025-03-03 14:20:31,084 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:31,087 INFO L435 NwaCegarLoop]: 656 mSDtfsCounter, 116 mSDsluCounter, 649 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1305 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:31,087 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1305 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:31,150 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 123995 states. [2025-03-03 14:20:34,505 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 123995 to 123979. [2025-03-03 14:20:34,632 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 123979 states, 103417 states have (on average 1.6387731224073412) internal successors, (169477), 103429 states have internal predecessors, (169477), 20496 states have call successors, (20496), 59 states have call predecessors, (20496), 65 states have return successors, (23355), 20494 states have call predecessors, (23355), 20494 states have call successors, (23355) [2025-03-03 14:20:35,360 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 123979 states to 123979 states and 213328 transitions. [2025-03-03 14:20:35,402 INFO L78 Accepts]: Start accepts. Automaton has 123979 states and 213328 transitions. Word has length 182 [2025-03-03 14:20:35,402 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:20:35,402 INFO L471 AbstractCegarLoop]: Abstraction has 123979 states and 213328 transitions. [2025-03-03 14:20:35,402 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 37.0) internal successors, (111), 3 states have internal predecessors, (111), 2 states have call successors, (22), 2 states have call predecessors, (22), 1 states have return successors, (19), 2 states have call predecessors, (19), 2 states have call successors, (19) [2025-03-03 14:20:35,402 INFO L276 IsEmpty]: Start isEmpty. Operand 123979 states and 213328 transitions. [2025-03-03 14:20:35,666 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 203 [2025-03-03 14:20:35,666 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:20:35,666 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:20:35,666 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable21 [2025-03-03 14:20:35,666 INFO L396 AbstractCegarLoop]: === Iteration 23 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:20:35,667 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:20:35,667 INFO L85 PathProgramCache]: Analyzing trace with hash 645183971, now seen corresponding path program 1 times [2025-03-03 14:20:35,667 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:20:35,667 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1650080517] [2025-03-03 14:20:35,667 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:20:35,667 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:20:35,684 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 202 statements into 1 equivalence classes. [2025-03-03 14:20:35,690 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 202 of 202 statements. [2025-03-03 14:20:35,691 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:20:35,691 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:20:35,721 INFO L134 CoverageAnalysis]: Checked inductivity of 68 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2025-03-03 14:20:35,722 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:20:35,722 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1650080517] [2025-03-03 14:20:35,722 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1650080517] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:20:35,722 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:20:35,722 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:20:35,722 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2027035760] [2025-03-03 14:20:35,722 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:20:35,722 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:20:35,722 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:20:35,722 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:20:35,722 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:35,723 INFO L87 Difference]: Start difference. First operand 123979 states and 213328 transitions. Second operand has 3 states, 3 states have (on average 39.666666666666664) internal successors, (119), 3 states have internal predecessors, (119), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:20:39,370 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:20:39,371 INFO L93 Difference]: Finished difference Result 232167 states and 400427 transitions. [2025-03-03 14:20:39,371 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:20:39,371 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 39.666666666666664) internal successors, (119), 3 states have internal predecessors, (119), 2 states have call successors, (25), 2 states have call predecessors, (25), 1 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) Word has length 202 [2025-03-03 14:20:39,371 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:20:40,448 INFO L225 Difference]: With dead ends: 232167 [2025-03-03 14:20:40,448 INFO L226 Difference]: Without dead ends: 231675 [2025-03-03 14:20:40,544 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:20:40,544 INFO L435 NwaCegarLoop]: 664 mSDtfsCounter, 111 mSDsluCounter, 654 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1318 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:20:40,544 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1318 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:20:40,678 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 231675 states.