./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec1_product29.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec1_product29.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 63bdee5cc43e6d0ce6e1fd7ff8178b7d4c48f0f239c647cbda6fb7b36603cc42 --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:21:32,856 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:21:32,909 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:21:32,914 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:21:32,914 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:21:32,930 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:21:32,931 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:21:32,932 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:21:32,932 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:21:32,932 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:21:32,933 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:21:32,933 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:21:32,933 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:21:32,933 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:21:32,933 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:21:32,934 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:21:32,934 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:21:32,934 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:21:32,935 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:21:32,935 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 63bdee5cc43e6d0ce6e1fd7ff8178b7d4c48f0f239c647cbda6fb7b36603cc42 [2025-03-03 14:21:33,150 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:21:33,155 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:21:33,158 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:21:33,159 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:21:33,159 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:21:33,160 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec1_product29.cil.c [2025-03-03 14:21:34,333 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5a79daf25/25ab3fbe982c4f3591398f544a1d57b7/FLAG955593fdb [2025-03-03 14:21:34,683 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:21:34,685 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec1_product29.cil.c [2025-03-03 14:21:34,707 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5a79daf25/25ab3fbe982c4f3591398f544a1d57b7/FLAG955593fdb [2025-03-03 14:21:34,920 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5a79daf25/25ab3fbe982c4f3591398f544a1d57b7 [2025-03-03 14:21:34,922 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:21:34,924 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:21:34,926 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:21:34,926 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:21:34,929 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:21:34,930 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:21:34" (1/1) ... [2025-03-03 14:21:34,931 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@67cb8559 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:34, skipping insertion in model container [2025-03-03 14:21:34,931 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:21:34" (1/1) ... [2025-03-03 14:21:34,979 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:21:35,307 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec1_product29.cil.c[32754,32767] [2025-03-03 14:21:35,368 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:21:35,384 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:21:35,390 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [48] [2025-03-03 14:21:35,391 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [460] [2025-03-03 14:21:35,392 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [826] [2025-03-03 14:21:35,392 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [1051] [2025-03-03 14:21:35,392 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [1201] [2025-03-03 14:21:35,392 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1499] [2025-03-03 14:21:35,392 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [1508] [2025-03-03 14:21:35,392 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [2578] [2025-03-03 14:21:35,392 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"AddressBookEncrypt_spec.i","") [2613] [2025-03-03 14:21:35,392 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [2641] [2025-03-03 14:21:35,392 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [2658] [2025-03-03 14:21:35,447 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec1_product29.cil.c[32754,32767] [2025-03-03 14:21:35,471 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:21:35,498 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:21:35,498 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35 WrapperNode [2025-03-03 14:21:35,499 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:21:35,499 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:21:35,499 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:21:35,499 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:21:35,504 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,527 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,568 INFO L138 Inliner]: procedures = 131, calls = 211, calls flagged for inlining = 55, calls inlined = 47, statements flattened = 920 [2025-03-03 14:21:35,568 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:21:35,569 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:21:35,569 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:21:35,569 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:21:35,577 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,578 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,582 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,598 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:21:35,599 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,599 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,611 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,613 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,618 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,624 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,632 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:21:35,633 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:21:35,633 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:21:35,633 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:21:35,636 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (1/1) ... [2025-03-03 14:21:35,643 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:21:35,653 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:35,667 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:21:35,675 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:21:35,690 INFO L130 BoogieDeclarations]: Found specification of procedure getClientPrivateKey [2025-03-03 14:21:35,690 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientPrivateKey [2025-03-03 14:21:35,690 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:21:35,690 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:21:35,690 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:21:35,690 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:21:35,690 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:21:35,690 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:21:35,690 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:21:35,691 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:21:35,691 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:21:35,691 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:21:35,691 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:21:35,691 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:21:35,691 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2025-03-03 14:21:35,691 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2025-03-03 14:21:35,691 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:21:35,691 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:21:35,691 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:21:35,691 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:21:35,691 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailSignKey [2025-03-03 14:21:35,691 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailSignKey [2025-03-03 14:21:35,691 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:21:35,691 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:21:35,692 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2025-03-03 14:21:35,692 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2025-03-03 14:21:35,692 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:21:35,692 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:21:35,692 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:21:35,692 INFO L130 BoogieDeclarations]: Found specification of procedure isSigned [2025-03-03 14:21:35,692 INFO L138 BoogieDeclarations]: Found implementation of procedure isSigned [2025-03-03 14:21:35,692 INFO L130 BoogieDeclarations]: Found specification of procedure isKeyPairValid [2025-03-03 14:21:35,692 INFO L138 BoogieDeclarations]: Found implementation of procedure isKeyPairValid [2025-03-03 14:21:35,692 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:21:35,692 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:21:35,692 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:21:35,692 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:21:35,692 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:21:35,692 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:21:35,693 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:21:35,693 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure findPublicKey [2025-03-03 14:21:35,693 INFO L138 BoogieDeclarations]: Found implementation of procedure findPublicKey [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:21:35,693 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:21:35,693 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:21:35,693 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:21:35,693 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:21:35,693 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:21:35,693 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:21:35,693 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:21:35,693 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:21:35,847 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:21:35,849 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:21:35,954 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L367: #res := ~retValue_acc~8; [2025-03-03 14:21:35,970 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2934: #res := ~retValue_acc~43; [2025-03-03 14:21:36,012 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2167-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~29#1; [2025-03-03 14:21:36,012 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2212: #res#1 := ~retValue_acc~30#1; [2025-03-03 14:21:36,136 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2555-1: getClientId_#res#1 := getClientId_~retValue_acc~35#1; [2025-03-03 14:21:36,163 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2436: #res := ~retValue_acc~33; [2025-03-03 14:21:36,176 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2120: #res := ~retValue_acc~28; [2025-03-03 14:21:36,187 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1198-1: createEmail_#res#1 := createEmail_~retValue_acc~17#1; [2025-03-03 14:21:36,202 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1664: #res := ~retValue_acc~22; [2025-03-03 14:21:36,215 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L293: #res := ~retValue_acc~6; [2025-03-03 14:21:36,245 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L330: #res := ~retValue_acc~7; [2025-03-03 14:21:36,250 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L404: #res := ~retValue_acc~9; [2025-03-03 14:21:36,270 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L178: #res := ~retValue_acc~3; [2025-03-03 14:21:36,308 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1990: #res := ~retValue_acc~26; [2025-03-03 14:21:36,567 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2909-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~42#1; [2025-03-03 14:21:36,567 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2382-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~32#1; [2025-03-03 14:21:36,567 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2275-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~31#1; [2025-03-03 14:21:36,567 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2610-1: valid_product_#res#1 := valid_product_~retValue_acc~37#1; [2025-03-03 14:21:36,567 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2891-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~40#1; [2025-03-03 14:21:36,568 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2900-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~41#1; [2025-03-03 14:21:36,572 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L141: #res := ~retValue_acc~2; [2025-03-03 14:21:36,580 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1154-1: isReadable__wrappee__Keys_#res#1 := isReadable__wrappee__Keys_~retValue_acc~14#1; [2025-03-03 14:21:36,580 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1174: #res#1 := ~retValue_acc~15#1; [2025-03-03 14:21:36,698 INFO L? ?]: Removed 502 outVars from TransFormulas that were not future-live. [2025-03-03 14:21:36,698 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:21:36,719 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:21:36,720 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:21:36,720 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:21:36 BoogieIcfgContainer [2025-03-03 14:21:36,721 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:21:36,722 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:21:36,722 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:21:36,726 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:21:36,726 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:21:34" (1/3) ... [2025-03-03 14:21:36,727 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@69b58766 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:21:36, skipping insertion in model container [2025-03-03 14:21:36,727 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:21:35" (2/3) ... [2025-03-03 14:21:36,727 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@69b58766 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:21:36, skipping insertion in model container [2025-03-03 14:21:36,727 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:21:36" (3/3) ... [2025-03-03 14:21:36,728 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec1_product29.cil.c [2025-03-03 14:21:36,739 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:21:36,741 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec1_product29.cil.c that has 29 procedures, 407 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:21:36,789 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:21:36,799 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@54eb9a89, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:21:36,799 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:21:36,804 INFO L276 IsEmpty]: Start isEmpty. Operand has 407 states, 314 states have (on average 1.5541401273885351) internal successors, (488), 319 states have internal predecessors, (488), 63 states have call successors, (63), 28 states have call predecessors, (63), 28 states have return successors, (63), 62 states have call predecessors, (63), 63 states have call successors, (63) [2025-03-03 14:21:36,820 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2025-03-03 14:21:36,820 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:36,821 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:36,821 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:36,824 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:36,825 INFO L85 PathProgramCache]: Analyzing trace with hash 131236561, now seen corresponding path program 1 times [2025-03-03 14:21:36,829 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:36,830 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [786670928] [2025-03-03 14:21:36,830 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:36,830 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:36,935 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-03-03 14:21:36,982 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-03-03 14:21:36,982 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:36,982 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:37,364 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:21:37,364 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:37,364 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [786670928] [2025-03-03 14:21:37,365 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [786670928] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:37,365 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [684171109] [2025-03-03 14:21:37,365 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:37,365 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:37,366 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:37,368 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:37,369 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:21:37,530 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-03-03 14:21:37,658 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-03-03 14:21:37,658 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:37,658 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:37,663 INFO L256 TraceCheckSpWp]: Trace formula consists of 1059 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:21:37,668 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:37,686 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:21:37,686 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:37,687 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [684171109] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:37,687 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:37,687 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:21:37,688 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1420972503] [2025-03-03 14:21:37,689 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:37,691 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:21:37,692 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:37,710 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:21:37,711 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:37,713 INFO L87 Difference]: Start difference. First operand has 407 states, 314 states have (on average 1.5541401273885351) internal successors, (488), 319 states have internal predecessors, (488), 63 states have call successors, (63), 28 states have call predecessors, (63), 28 states have return successors, (63), 62 states have call predecessors, (63), 63 states have call successors, (63) Second operand has 2 states, 2 states have (on average 32.0) internal successors, (64), 2 states have internal predecessors, (64), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:37,770 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:37,770 INFO L93 Difference]: Finished difference Result 627 states and 928 transitions. [2025-03-03 14:21:37,771 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:21:37,772 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 32.0) internal successors, (64), 2 states have internal predecessors, (64), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 110 [2025-03-03 14:21:37,772 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:37,786 INFO L225 Difference]: With dead ends: 627 [2025-03-03 14:21:37,786 INFO L226 Difference]: Without dead ends: 400 [2025-03-03 14:21:37,792 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 114 GetRequests, 111 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:37,794 INFO L435 NwaCegarLoop]: 611 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 611 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:37,795 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 611 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:37,809 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 400 states. [2025-03-03 14:21:37,835 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 400 to 400. [2025-03-03 14:21:37,836 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 400 states, 308 states have (on average 1.551948051948052) internal successors, (478), 312 states have internal predecessors, (478), 63 states have call successors, (63), 28 states have call predecessors, (63), 28 states have return successors, (62), 61 states have call predecessors, (62), 62 states have call successors, (62) [2025-03-03 14:21:37,844 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 400 states to 400 states and 603 transitions. [2025-03-03 14:21:37,847 INFO L78 Accepts]: Start accepts. Automaton has 400 states and 603 transitions. Word has length 110 [2025-03-03 14:21:37,848 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:37,848 INFO L471 AbstractCegarLoop]: Abstraction has 400 states and 603 transitions. [2025-03-03 14:21:37,848 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 32.0) internal successors, (64), 2 states have internal predecessors, (64), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:37,848 INFO L276 IsEmpty]: Start isEmpty. Operand 400 states and 603 transitions. [2025-03-03 14:21:37,855 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2025-03-03 14:21:37,855 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:37,855 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:37,865 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-03-03 14:21:38,056 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:21:38,057 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:38,057 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:38,057 INFO L85 PathProgramCache]: Analyzing trace with hash -1025752575, now seen corresponding path program 1 times [2025-03-03 14:21:38,057 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:38,058 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1074366695] [2025-03-03 14:21:38,058 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:38,058 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:38,082 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:21:38,099 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:21:38,099 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:38,099 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:38,267 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:21:38,268 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:38,268 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1074366695] [2025-03-03 14:21:38,268 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1074366695] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:38,268 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2130144225] [2025-03-03 14:21:38,269 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:38,269 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:38,270 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:38,271 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:38,273 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:21:38,405 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:21:38,516 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:21:38,516 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:38,516 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:38,521 INFO L256 TraceCheckSpWp]: Trace formula consists of 1060 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:21:38,527 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:38,553 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:21:38,557 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:38,557 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2130144225] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:38,558 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:38,558 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:21:38,558 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [938441246] [2025-03-03 14:21:38,558 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:38,559 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:38,560 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:38,560 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:38,561 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:38,561 INFO L87 Difference]: Start difference. First operand 400 states and 603 transitions. Second operand has 3 states, 3 states have (on average 21.666666666666668) internal successors, (65), 3 states have internal predecessors, (65), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:38,599 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:38,600 INFO L93 Difference]: Finished difference Result 616 states and 906 transitions. [2025-03-03 14:21:38,601 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:38,601 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 21.666666666666668) internal successors, (65), 3 states have internal predecessors, (65), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 111 [2025-03-03 14:21:38,602 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:38,606 INFO L225 Difference]: With dead ends: 616 [2025-03-03 14:21:38,607 INFO L226 Difference]: Without dead ends: 402 [2025-03-03 14:21:38,609 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 115 GetRequests, 111 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:38,609 INFO L435 NwaCegarLoop]: 602 mSDtfsCounter, 0 mSDsluCounter, 600 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1202 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:38,609 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1202 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:38,610 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 402 states. [2025-03-03 14:21:38,633 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 402 to 402. [2025-03-03 14:21:38,634 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 402 states, 310 states have (on average 1.5483870967741935) internal successors, (480), 314 states have internal predecessors, (480), 63 states have call successors, (63), 28 states have call predecessors, (63), 28 states have return successors, (62), 61 states have call predecessors, (62), 62 states have call successors, (62) [2025-03-03 14:21:38,636 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 402 states to 402 states and 605 transitions. [2025-03-03 14:21:38,637 INFO L78 Accepts]: Start accepts. Automaton has 402 states and 605 transitions. Word has length 111 [2025-03-03 14:21:38,637 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:38,637 INFO L471 AbstractCegarLoop]: Abstraction has 402 states and 605 transitions. [2025-03-03 14:21:38,637 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 21.666666666666668) internal successors, (65), 3 states have internal predecessors, (65), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:38,638 INFO L276 IsEmpty]: Start isEmpty. Operand 402 states and 605 transitions. [2025-03-03 14:21:38,639 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2025-03-03 14:21:38,639 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:38,639 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:38,648 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2025-03-03 14:21:38,840 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:21:38,840 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:38,841 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:38,841 INFO L85 PathProgramCache]: Analyzing trace with hash -2113143322, now seen corresponding path program 1 times [2025-03-03 14:21:38,841 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:38,841 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1844146369] [2025-03-03 14:21:38,841 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:38,841 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:38,859 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 116 statements into 1 equivalence classes. [2025-03-03 14:21:38,869 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 116 of 116 statements. [2025-03-03 14:21:38,870 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:38,870 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:39,052 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:21:39,054 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:39,054 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1844146369] [2025-03-03 14:21:39,054 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1844146369] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:39,054 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [140948126] [2025-03-03 14:21:39,054 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:39,055 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:39,055 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:39,057 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:39,058 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:21:39,184 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 116 statements into 1 equivalence classes. [2025-03-03 14:21:39,288 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 116 of 116 statements. [2025-03-03 14:21:39,289 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:39,289 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:39,292 INFO L256 TraceCheckSpWp]: Trace formula consists of 1072 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:21:39,299 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:39,313 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:21:39,313 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:39,313 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [140948126] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:39,314 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:39,314 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:21:39,314 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1054756408] [2025-03-03 14:21:39,314 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:39,314 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:39,314 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:39,315 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:39,315 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:39,315 INFO L87 Difference]: Start difference. First operand 402 states and 605 transitions. Second operand has 3 states, 3 states have (on average 23.333333333333332) internal successors, (70), 3 states have internal predecessors, (70), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:39,348 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:39,349 INFO L93 Difference]: Finished difference Result 846 states and 1293 transitions. [2025-03-03 14:21:39,349 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:39,350 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 23.333333333333332) internal successors, (70), 3 states have internal predecessors, (70), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 116 [2025-03-03 14:21:39,350 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:39,353 INFO L225 Difference]: With dead ends: 846 [2025-03-03 14:21:39,353 INFO L226 Difference]: Without dead ends: 471 [2025-03-03 14:21:39,354 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 120 GetRequests, 116 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:21:39,356 INFO L435 NwaCegarLoop]: 609 mSDtfsCounter, 126 mSDsluCounter, 555 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1164 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:39,357 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1164 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:39,359 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 471 states. [2025-03-03 14:21:39,379 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 471 to 463. [2025-03-03 14:21:39,380 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 463 states, 357 states have (on average 1.5686274509803921) internal successors, (560), 361 states have internal predecessors, (560), 77 states have call successors, (77), 28 states have call predecessors, (77), 28 states have return successors, (76), 75 states have call predecessors, (76), 76 states have call successors, (76) [2025-03-03 14:21:39,382 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 463 states to 463 states and 713 transitions. [2025-03-03 14:21:39,383 INFO L78 Accepts]: Start accepts. Automaton has 463 states and 713 transitions. Word has length 116 [2025-03-03 14:21:39,383 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:39,383 INFO L471 AbstractCegarLoop]: Abstraction has 463 states and 713 transitions. [2025-03-03 14:21:39,383 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 23.333333333333332) internal successors, (70), 3 states have internal predecessors, (70), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:39,384 INFO L276 IsEmpty]: Start isEmpty. Operand 463 states and 713 transitions. [2025-03-03 14:21:39,385 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 118 [2025-03-03 14:21:39,386 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:39,386 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:39,393 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2025-03-03 14:21:39,590 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:39,590 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:39,591 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:39,591 INFO L85 PathProgramCache]: Analyzing trace with hash -1346251300, now seen corresponding path program 1 times [2025-03-03 14:21:39,591 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:39,591 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [44856084] [2025-03-03 14:21:39,591 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:39,591 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:39,608 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 117 statements into 1 equivalence classes. [2025-03-03 14:21:39,613 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 117 of 117 statements. [2025-03-03 14:21:39,614 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:39,614 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:39,760 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:21:39,760 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:39,760 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [44856084] [2025-03-03 14:21:39,761 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [44856084] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:39,761 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2022598067] [2025-03-03 14:21:39,761 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:39,761 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:39,761 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:39,763 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:39,765 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:21:39,899 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 117 statements into 1 equivalence classes. [2025-03-03 14:21:39,995 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 117 of 117 statements. [2025-03-03 14:21:39,995 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:39,995 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:40,001 INFO L256 TraceCheckSpWp]: Trace formula consists of 1077 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:21:40,005 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:40,053 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:21:40,053 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:40,053 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2022598067] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:40,053 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:40,054 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:21:40,054 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1039334285] [2025-03-03 14:21:40,054 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:40,054 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:40,055 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:40,056 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:40,056 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:21:40,056 INFO L87 Difference]: Start difference. First operand 463 states and 713 transitions. Second operand has 5 states, 4 states have (on average 19.75) internal successors, (79), 5 states have internal predecessors, (79), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:40,114 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:40,114 INFO L93 Difference]: Finished difference Result 917 states and 1416 transitions. [2025-03-03 14:21:40,115 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:40,115 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 19.75) internal successors, (79), 5 states have internal predecessors, (79), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) Word has length 117 [2025-03-03 14:21:40,115 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:40,118 INFO L225 Difference]: With dead ends: 917 [2025-03-03 14:21:40,118 INFO L226 Difference]: Without dead ends: 465 [2025-03-03 14:21:40,119 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 121 GetRequests, 115 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:21:40,120 INFO L435 NwaCegarLoop]: 595 mSDtfsCounter, 2 mSDsluCounter, 1774 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2369 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:40,120 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2369 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:40,121 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 465 states. [2025-03-03 14:21:40,131 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 465 to 465. [2025-03-03 14:21:40,132 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 465 states, 358 states have (on average 1.5670391061452513) internal successors, (561), 363 states have internal predecessors, (561), 77 states have call successors, (77), 28 states have call predecessors, (77), 29 states have return successors, (78), 75 states have call predecessors, (78), 76 states have call successors, (78) [2025-03-03 14:21:40,134 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 465 states to 465 states and 716 transitions. [2025-03-03 14:21:40,135 INFO L78 Accepts]: Start accepts. Automaton has 465 states and 716 transitions. Word has length 117 [2025-03-03 14:21:40,135 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:40,135 INFO L471 AbstractCegarLoop]: Abstraction has 465 states and 716 transitions. [2025-03-03 14:21:40,135 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 19.75) internal successors, (79), 5 states have internal predecessors, (79), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:40,135 INFO L276 IsEmpty]: Start isEmpty. Operand 465 states and 716 transitions. [2025-03-03 14:21:40,137 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2025-03-03 14:21:40,137 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:40,137 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:40,145 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2025-03-03 14:21:40,338 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:40,338 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:40,338 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:40,338 INFO L85 PathProgramCache]: Analyzing trace with hash 374952640, now seen corresponding path program 1 times [2025-03-03 14:21:40,339 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:40,339 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1993465419] [2025-03-03 14:21:40,339 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:40,339 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:40,354 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-03 14:21:40,360 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-03 14:21:40,360 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:40,360 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:40,502 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2025-03-03 14:21:40,502 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:40,502 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1993465419] [2025-03-03 14:21:40,503 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1993465419] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:40,503 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [621295774] [2025-03-03 14:21:40,503 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:40,503 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:40,503 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:40,505 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:40,507 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:21:40,630 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-03 14:21:40,724 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-03 14:21:40,724 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:40,724 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:40,730 INFO L256 TraceCheckSpWp]: Trace formula consists of 1078 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:21:40,734 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:40,773 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:21:40,776 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:21:40,776 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [621295774] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:40,776 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:21:40,776 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:21:40,776 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1896208116] [2025-03-03 14:21:40,776 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:40,777 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:40,777 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:40,777 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:40,777 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:21:40,777 INFO L87 Difference]: Start difference. First operand 465 states and 716 transitions. Second operand has 5 states, 5 states have (on average 16.2) internal successors, (81), 5 states have internal predecessors, (81), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:40,835 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:40,835 INFO L93 Difference]: Finished difference Result 919 states and 1421 transitions. [2025-03-03 14:21:40,836 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:40,836 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 16.2) internal successors, (81), 5 states have internal predecessors, (81), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) Word has length 118 [2025-03-03 14:21:40,836 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:40,838 INFO L225 Difference]: With dead ends: 919 [2025-03-03 14:21:40,839 INFO L226 Difference]: Without dead ends: 467 [2025-03-03 14:21:40,840 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 125 GetRequests, 116 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:21:40,840 INFO L435 NwaCegarLoop]: 593 mSDtfsCounter, 2 mSDsluCounter, 1762 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2355 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:40,841 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2355 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:40,841 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 467 states. [2025-03-03 14:21:40,851 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 467 to 467. [2025-03-03 14:21:40,852 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 467 states, 359 states have (on average 1.565459610027855) internal successors, (562), 365 states have internal predecessors, (562), 77 states have call successors, (77), 28 states have call predecessors, (77), 30 states have return successors, (83), 75 states have call predecessors, (83), 76 states have call successors, (83) [2025-03-03 14:21:40,855 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 467 states to 467 states and 722 transitions. [2025-03-03 14:21:40,855 INFO L78 Accepts]: Start accepts. Automaton has 467 states and 722 transitions. Word has length 118 [2025-03-03 14:21:40,856 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:40,856 INFO L471 AbstractCegarLoop]: Abstraction has 467 states and 722 transitions. [2025-03-03 14:21:40,856 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 16.2) internal successors, (81), 5 states have internal predecessors, (81), 3 states have call successors, (17), 2 states have call predecessors, (17), 3 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:40,856 INFO L276 IsEmpty]: Start isEmpty. Operand 467 states and 722 transitions. [2025-03-03 14:21:40,858 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 120 [2025-03-03 14:21:40,858 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:40,858 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:40,868 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2025-03-03 14:21:41,058 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:41,059 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:41,059 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:41,059 INFO L85 PathProgramCache]: Analyzing trace with hash 1555881489, now seen corresponding path program 1 times [2025-03-03 14:21:41,059 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:41,059 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [598252784] [2025-03-03 14:21:41,059 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:41,059 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:41,073 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 119 statements into 1 equivalence classes. [2025-03-03 14:21:41,078 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 119 of 119 statements. [2025-03-03 14:21:41,079 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:41,079 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:41,175 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:21:41,176 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:41,176 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [598252784] [2025-03-03 14:21:41,176 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [598252784] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:41,176 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:41,176 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:41,176 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2010433572] [2025-03-03 14:21:41,176 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:41,176 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:41,176 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:41,177 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:41,177 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:41,177 INFO L87 Difference]: Start difference. First operand 467 states and 722 transitions. Second operand has 5 states, 4 states have (on average 19.25) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:41,212 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:41,213 INFO L93 Difference]: Finished difference Result 911 states and 1412 transitions. [2025-03-03 14:21:41,213 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:41,213 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 19.25) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) Word has length 119 [2025-03-03 14:21:41,214 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:41,216 INFO L225 Difference]: With dead ends: 911 [2025-03-03 14:21:41,216 INFO L226 Difference]: Without dead ends: 467 [2025-03-03 14:21:41,217 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:41,218 INFO L435 NwaCegarLoop]: 596 mSDtfsCounter, 2 mSDsluCounter, 1777 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2373 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:41,218 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2373 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:41,218 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 467 states. [2025-03-03 14:21:41,229 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 467 to 467. [2025-03-03 14:21:41,230 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 467 states, 359 states have (on average 1.565459610027855) internal successors, (562), 365 states have internal predecessors, (562), 77 states have call successors, (77), 28 states have call predecessors, (77), 30 states have return successors, (82), 75 states have call predecessors, (82), 76 states have call successors, (82) [2025-03-03 14:21:41,233 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 467 states to 467 states and 721 transitions. [2025-03-03 14:21:41,233 INFO L78 Accepts]: Start accepts. Automaton has 467 states and 721 transitions. Word has length 119 [2025-03-03 14:21:41,234 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:41,234 INFO L471 AbstractCegarLoop]: Abstraction has 467 states and 721 transitions. [2025-03-03 14:21:41,234 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 19.25) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:41,234 INFO L276 IsEmpty]: Start isEmpty. Operand 467 states and 721 transitions. [2025-03-03 14:21:41,236 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 121 [2025-03-03 14:21:41,236 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:41,236 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:41,236 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:21:41,236 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:41,236 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:41,236 INFO L85 PathProgramCache]: Analyzing trace with hash -1776987369, now seen corresponding path program 2 times [2025-03-03 14:21:41,237 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:41,237 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1824947674] [2025-03-03 14:21:41,237 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:21:41,237 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:41,251 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 120 statements into 2 equivalence classes. [2025-03-03 14:21:41,260 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 120 of 120 statements. [2025-03-03 14:21:41,261 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-03 14:21:41,261 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:41,361 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:21:41,362 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:41,362 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1824947674] [2025-03-03 14:21:41,362 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1824947674] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:41,362 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:41,362 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:41,362 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2034265194] [2025-03-03 14:21:41,362 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:41,363 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:41,363 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:41,364 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:41,364 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:41,364 INFO L87 Difference]: Start difference. First operand 467 states and 721 transitions. Second operand has 5 states, 5 states have (on average 15.4) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:41,419 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:41,419 INFO L93 Difference]: Finished difference Result 909 states and 1407 transitions. [2025-03-03 14:21:41,420 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:41,420 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 15.4) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) Word has length 120 [2025-03-03 14:21:41,421 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:41,424 INFO L225 Difference]: With dead ends: 909 [2025-03-03 14:21:41,424 INFO L226 Difference]: Without dead ends: 467 [2025-03-03 14:21:41,426 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:41,426 INFO L435 NwaCegarLoop]: 594 mSDtfsCounter, 2 mSDsluCounter, 1765 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2359 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:41,427 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2359 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:41,428 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 467 states. [2025-03-03 14:21:41,443 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 467 to 467. [2025-03-03 14:21:41,444 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 467 states, 359 states have (on average 1.565459610027855) internal successors, (562), 365 states have internal predecessors, (562), 77 states have call successors, (77), 28 states have call predecessors, (77), 30 states have return successors, (81), 75 states have call predecessors, (81), 76 states have call successors, (81) [2025-03-03 14:21:41,447 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 467 states to 467 states and 720 transitions. [2025-03-03 14:21:41,447 INFO L78 Accepts]: Start accepts. Automaton has 467 states and 720 transitions. Word has length 120 [2025-03-03 14:21:41,448 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:41,448 INFO L471 AbstractCegarLoop]: Abstraction has 467 states and 720 transitions. [2025-03-03 14:21:41,448 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 15.4) internal successors, (77), 5 states have internal predecessors, (77), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:41,448 INFO L276 IsEmpty]: Start isEmpty. Operand 467 states and 720 transitions. [2025-03-03 14:21:41,450 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2025-03-03 14:21:41,450 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:41,450 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:41,450 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:21:41,450 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:41,451 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:41,451 INFO L85 PathProgramCache]: Analyzing trace with hash -1026682550, now seen corresponding path program 3 times [2025-03-03 14:21:41,451 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:41,451 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [939151706] [2025-03-03 14:21:41,451 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2025-03-03 14:21:41,451 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:41,468 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 partitioned 121 statements into 3 equivalence classes. [2025-03-03 14:21:41,478 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) and asserted 109 of 121 statements. [2025-03-03 14:21:41,478 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2025-03-03 14:21:41,478 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:41,558 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:21:41,559 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:41,559 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [939151706] [2025-03-03 14:21:41,559 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [939151706] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:41,559 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:41,559 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:41,559 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1256446316] [2025-03-03 14:21:41,559 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:41,559 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:41,559 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:41,560 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:41,560 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:41,560 INFO L87 Difference]: Start difference. First operand 467 states and 720 transitions. Second operand has 5 states, 5 states have (on average 15.6) internal successors, (78), 5 states have internal predecessors, (78), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:41,612 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:41,612 INFO L93 Difference]: Finished difference Result 911 states and 1413 transitions. [2025-03-03 14:21:41,613 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:41,613 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 15.6) internal successors, (78), 5 states have internal predecessors, (78), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) Word has length 121 [2025-03-03 14:21:41,613 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:41,617 INFO L225 Difference]: With dead ends: 911 [2025-03-03 14:21:41,618 INFO L226 Difference]: Without dead ends: 469 [2025-03-03 14:21:41,620 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:41,620 INFO L435 NwaCegarLoop]: 597 mSDtfsCounter, 1 mSDsluCounter, 1773 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2370 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:41,622 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2370 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:41,623 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 469 states. [2025-03-03 14:21:41,637 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 469 to 469. [2025-03-03 14:21:41,638 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 469 states, 360 states have (on average 1.5638888888888889) internal successors, (563), 367 states have internal predecessors, (563), 77 states have call successors, (77), 28 states have call predecessors, (77), 31 states have return successors, (86), 75 states have call predecessors, (86), 76 states have call successors, (86) [2025-03-03 14:21:41,640 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 469 states to 469 states and 726 transitions. [2025-03-03 14:21:41,641 INFO L78 Accepts]: Start accepts. Automaton has 469 states and 726 transitions. Word has length 121 [2025-03-03 14:21:41,642 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:41,642 INFO L471 AbstractCegarLoop]: Abstraction has 469 states and 726 transitions. [2025-03-03 14:21:41,642 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 15.6) internal successors, (78), 5 states have internal predecessors, (78), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 3 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:41,642 INFO L276 IsEmpty]: Start isEmpty. Operand 469 states and 726 transitions. [2025-03-03 14:21:41,644 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 123 [2025-03-03 14:21:41,644 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:41,645 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:41,645 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:21:41,645 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:41,645 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:41,645 INFO L85 PathProgramCache]: Analyzing trace with hash 2020552698, now seen corresponding path program 1 times [2025-03-03 14:21:41,645 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:41,646 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1888776308] [2025-03-03 14:21:41,646 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:41,646 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:41,662 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 122 statements into 1 equivalence classes. [2025-03-03 14:21:41,683 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 122 of 122 statements. [2025-03-03 14:21:41,684 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:41,684 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:41,790 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:21:41,791 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:41,791 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1888776308] [2025-03-03 14:21:41,791 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1888776308] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:41,791 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:41,791 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:21:41,791 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1549811856] [2025-03-03 14:21:41,791 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:41,792 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:21:41,792 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:41,792 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:21:41,792 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:41,792 INFO L87 Difference]: Start difference. First operand 469 states and 726 transitions. Second operand has 5 states, 4 states have (on average 20.0) internal successors, (80), 5 states have internal predecessors, (80), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:41,832 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:41,833 INFO L93 Difference]: Finished difference Result 917 states and 1423 transitions. [2025-03-03 14:21:41,833 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:21:41,833 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 20.0) internal successors, (80), 5 states have internal predecessors, (80), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) Word has length 122 [2025-03-03 14:21:41,834 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:41,836 INFO L225 Difference]: With dead ends: 917 [2025-03-03 14:21:41,836 INFO L226 Difference]: Without dead ends: 471 [2025-03-03 14:21:41,838 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:21:41,838 INFO L435 NwaCegarLoop]: 597 mSDtfsCounter, 1 mSDsluCounter, 1779 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2376 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:41,839 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2376 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:41,839 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 471 states. [2025-03-03 14:21:41,850 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 471 to 471. [2025-03-03 14:21:41,851 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 471 states, 361 states have (on average 1.5623268698060941) internal successors, (564), 369 states have internal predecessors, (564), 77 states have call successors, (77), 28 states have call predecessors, (77), 32 states have return successors, (88), 75 states have call predecessors, (88), 76 states have call successors, (88) [2025-03-03 14:21:41,854 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 471 states to 471 states and 729 transitions. [2025-03-03 14:21:41,855 INFO L78 Accepts]: Start accepts. Automaton has 471 states and 729 transitions. Word has length 122 [2025-03-03 14:21:41,855 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:41,855 INFO L471 AbstractCegarLoop]: Abstraction has 471 states and 729 transitions. [2025-03-03 14:21:41,855 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 20.0) internal successors, (80), 5 states have internal predecessors, (80), 3 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 3 states have call successors, (14) [2025-03-03 14:21:41,856 INFO L276 IsEmpty]: Start isEmpty. Operand 471 states and 729 transitions. [2025-03-03 14:21:41,858 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2025-03-03 14:21:41,858 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:41,858 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:41,858 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:21:41,858 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:41,859 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:41,859 INFO L85 PathProgramCache]: Analyzing trace with hash 2132424887, now seen corresponding path program 1 times [2025-03-03 14:21:41,859 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:41,859 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [841641316] [2025-03-03 14:21:41,859 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:41,859 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:41,874 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 123 statements into 1 equivalence classes. [2025-03-03 14:21:41,881 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 123 of 123 statements. [2025-03-03 14:21:41,881 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:41,881 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:41,964 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:41,964 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:41,965 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [841641316] [2025-03-03 14:21:41,965 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [841641316] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:21:41,965 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [91058857] [2025-03-03 14:21:41,965 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:41,965 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:41,965 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:21:41,967 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:21:41,968 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:21:42,101 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 123 statements into 1 equivalence classes. [2025-03-03 14:21:42,210 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 123 of 123 statements. [2025-03-03 14:21:42,210 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:42,210 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:42,215 INFO L256 TraceCheckSpWp]: Trace formula consists of 1083 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:21:42,218 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:21:42,237 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:42,237 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:21:42,313 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:42,313 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [91058857] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:21:42,313 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:21:42,313 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-03 14:21:42,313 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [138157667] [2025-03-03 14:21:42,313 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:21:42,314 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-03 14:21:42,314 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:42,314 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-03 14:21:42,314 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:21:42,315 INFO L87 Difference]: Start difference. First operand 471 states and 729 transitions. Second operand has 7 states, 7 states have (on average 16.142857142857142) internal successors, (113), 7 states have internal predecessors, (113), 2 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:21:42,441 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:42,441 INFO L93 Difference]: Finished difference Result 1097 states and 1758 transitions. [2025-03-03 14:21:42,441 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:21:42,442 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 16.142857142857142) internal successors, (113), 7 states have internal predecessors, (113), 2 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) Word has length 123 [2025-03-03 14:21:42,442 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:42,446 INFO L225 Difference]: With dead ends: 1097 [2025-03-03 14:21:42,446 INFO L226 Difference]: Without dead ends: 883 [2025-03-03 14:21:42,447 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 248 GetRequests, 243 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:21:42,448 INFO L435 NwaCegarLoop]: 640 mSDtfsCounter, 483 mSDsluCounter, 1977 mSDsCounter, 0 mSdLazyCounter, 74 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 537 SdHoareTripleChecker+Valid, 2617 SdHoareTripleChecker+Invalid, 85 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 74 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:42,448 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [537 Valid, 2617 Invalid, 85 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 74 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:21:42,449 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 883 states. [2025-03-03 14:21:42,469 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 883 to 859. [2025-03-03 14:21:42,470 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 859 states, 670 states have (on average 1.6298507462686567) internal successors, (1092), 678 states have internal predecessors, (1092), 156 states have call successors, (156), 28 states have call predecessors, (156), 32 states have return successors, (177), 154 states have call predecessors, (177), 155 states have call successors, (177) [2025-03-03 14:21:42,475 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 859 states to 859 states and 1425 transitions. [2025-03-03 14:21:42,476 INFO L78 Accepts]: Start accepts. Automaton has 859 states and 1425 transitions. Word has length 123 [2025-03-03 14:21:42,476 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:42,476 INFO L471 AbstractCegarLoop]: Abstraction has 859 states and 1425 transitions. [2025-03-03 14:21:42,476 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 16.142857142857142) internal successors, (113), 7 states have internal predecessors, (113), 2 states have call successors, (25), 2 states have call predecessors, (25), 2 states have return successors, (22), 2 states have call predecessors, (22), 2 states have call successors, (22) [2025-03-03 14:21:42,476 INFO L276 IsEmpty]: Start isEmpty. Operand 859 states and 1425 transitions. [2025-03-03 14:21:42,480 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 130 [2025-03-03 14:21:42,480 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:42,480 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:42,488 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Ended with exit code 0 [2025-03-03 14:21:42,685 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:21:42,685 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:42,685 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:42,686 INFO L85 PathProgramCache]: Analyzing trace with hash -942245993, now seen corresponding path program 1 times [2025-03-03 14:21:42,686 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:42,686 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1157418983] [2025-03-03 14:21:42,686 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:42,686 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:42,700 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-03-03 14:21:42,708 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-03-03 14:21:42,708 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:42,708 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:42,743 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:42,743 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:42,743 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1157418983] [2025-03-03 14:21:42,743 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1157418983] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:42,743 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:42,744 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:42,744 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1466207607] [2025-03-03 14:21:42,744 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:42,744 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:42,744 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:42,745 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:42,745 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:42,745 INFO L87 Difference]: Start difference. First operand 859 states and 1425 transitions. Second operand has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:42,783 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:42,783 INFO L93 Difference]: Finished difference Result 2045 states and 3444 transitions. [2025-03-03 14:21:42,784 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:42,784 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 129 [2025-03-03 14:21:42,784 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:42,791 INFO L225 Difference]: With dead ends: 2045 [2025-03-03 14:21:42,791 INFO L226 Difference]: Without dead ends: 1252 [2025-03-03 14:21:42,794 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:42,794 INFO L435 NwaCegarLoop]: 611 mSDtfsCounter, 124 mSDsluCounter, 599 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1210 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:42,795 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1210 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:42,796 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1252 states. [2025-03-03 14:21:42,828 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1252 to 1244. [2025-03-03 14:21:42,831 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1244 states, 976 states have (on average 1.646516393442623) internal successors, (1607), 984 states have internal predecessors, (1607), 235 states have call successors, (235), 28 states have call predecessors, (235), 32 states have return successors, (266), 233 states have call predecessors, (266), 234 states have call successors, (266) [2025-03-03 14:21:42,837 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1244 states to 1244 states and 2108 transitions. [2025-03-03 14:21:42,838 INFO L78 Accepts]: Start accepts. Automaton has 1244 states and 2108 transitions. Word has length 129 [2025-03-03 14:21:42,838 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:42,839 INFO L471 AbstractCegarLoop]: Abstraction has 1244 states and 2108 transitions. [2025-03-03 14:21:42,839 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:42,839 INFO L276 IsEmpty]: Start isEmpty. Operand 1244 states and 2108 transitions. [2025-03-03 14:21:42,844 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 131 [2025-03-03 14:21:42,845 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:42,845 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:42,845 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-03-03 14:21:42,845 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:42,845 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:42,845 INFO L85 PathProgramCache]: Analyzing trace with hash -1356617140, now seen corresponding path program 1 times [2025-03-03 14:21:42,846 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:42,846 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1257664265] [2025-03-03 14:21:42,846 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:42,846 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:42,888 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 130 statements into 1 equivalence classes. [2025-03-03 14:21:42,895 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 130 of 130 statements. [2025-03-03 14:21:42,895 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:42,895 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:42,925 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:42,925 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:42,925 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1257664265] [2025-03-03 14:21:42,925 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1257664265] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:42,925 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:42,925 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:42,926 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [631236548] [2025-03-03 14:21:42,926 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:42,926 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:42,926 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:42,926 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:42,927 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:42,927 INFO L87 Difference]: Start difference. First operand 1244 states and 2108 transitions. Second operand has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:42,978 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:42,978 INFO L93 Difference]: Finished difference Result 2983 states and 5091 transitions. [2025-03-03 14:21:42,978 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:42,979 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 130 [2025-03-03 14:21:42,979 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:42,989 INFO L225 Difference]: With dead ends: 2983 [2025-03-03 14:21:42,989 INFO L226 Difference]: Without dead ends: 1856 [2025-03-03 14:21:42,994 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:42,994 INFO L435 NwaCegarLoop]: 602 mSDtfsCounter, 122 mSDsluCounter, 596 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1198 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:42,994 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1198 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:42,996 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1856 states. [2025-03-03 14:21:43,055 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1856 to 1848. [2025-03-03 14:21:43,059 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1848 states, 1461 states have (on average 1.6577686516084873) internal successors, (2422), 1469 states have internal predecessors, (2422), 354 states have call successors, (354), 28 states have call predecessors, (354), 32 states have return successors, (385), 352 states have call predecessors, (385), 353 states have call successors, (385) [2025-03-03 14:21:43,069 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1848 states to 1848 states and 3161 transitions. [2025-03-03 14:21:43,071 INFO L78 Accepts]: Start accepts. Automaton has 1848 states and 3161 transitions. Word has length 130 [2025-03-03 14:21:43,072 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:43,072 INFO L471 AbstractCegarLoop]: Abstraction has 1848 states and 3161 transitions. [2025-03-03 14:21:43,072 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:43,072 INFO L276 IsEmpty]: Start isEmpty. Operand 1848 states and 3161 transitions. [2025-03-03 14:21:43,082 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 132 [2025-03-03 14:21:43,082 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:43,082 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:43,082 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-03 14:21:43,082 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:43,083 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:43,083 INFO L85 PathProgramCache]: Analyzing trace with hash -2128909706, now seen corresponding path program 1 times [2025-03-03 14:21:43,083 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:43,083 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [897128416] [2025-03-03 14:21:43,083 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:43,083 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:43,097 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 131 statements into 1 equivalence classes. [2025-03-03 14:21:43,104 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 131 of 131 statements. [2025-03-03 14:21:43,104 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:43,104 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:43,133 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:43,133 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:43,134 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [897128416] [2025-03-03 14:21:43,134 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [897128416] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:43,134 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:43,134 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:43,134 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [741323668] [2025-03-03 14:21:43,134 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:43,134 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:43,134 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:43,135 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:43,135 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:43,135 INFO L87 Difference]: Start difference. First operand 1848 states and 3161 transitions. Second operand has 3 states, 3 states have (on average 29.0) internal successors, (87), 3 states have internal predecessors, (87), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:43,229 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:43,229 INFO L93 Difference]: Finished difference Result 4390 states and 7573 transitions. [2025-03-03 14:21:43,230 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:43,230 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 29.0) internal successors, (87), 3 states have internal predecessors, (87), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 131 [2025-03-03 14:21:43,230 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:43,246 INFO L225 Difference]: With dead ends: 4390 [2025-03-03 14:21:43,246 INFO L226 Difference]: Without dead ends: 2781 [2025-03-03 14:21:43,253 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:43,253 INFO L435 NwaCegarLoop]: 602 mSDtfsCounter, 120 mSDsluCounter, 593 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1195 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:43,253 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1195 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:43,256 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2781 states. [2025-03-03 14:21:43,356 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2781 to 2773. [2025-03-03 14:21:43,361 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2773 states, 2224 states have (on average 1.66681654676259) internal successors, (3707), 2232 states have internal predecessors, (3707), 516 states have call successors, (516), 28 states have call predecessors, (516), 32 states have return successors, (563), 514 states have call predecessors, (563), 515 states have call successors, (563) [2025-03-03 14:21:43,374 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2773 states to 2773 states and 4786 transitions. [2025-03-03 14:21:43,377 INFO L78 Accepts]: Start accepts. Automaton has 2773 states and 4786 transitions. Word has length 131 [2025-03-03 14:21:43,377 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:43,377 INFO L471 AbstractCegarLoop]: Abstraction has 2773 states and 4786 transitions. [2025-03-03 14:21:43,377 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 29.0) internal successors, (87), 3 states have internal predecessors, (87), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:43,377 INFO L276 IsEmpty]: Start isEmpty. Operand 2773 states and 4786 transitions. [2025-03-03 14:21:43,390 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 133 [2025-03-03 14:21:43,391 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:43,391 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:43,391 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-03 14:21:43,391 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:43,391 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:43,392 INFO L85 PathProgramCache]: Analyzing trace with hash 223664397, now seen corresponding path program 1 times [2025-03-03 14:21:43,392 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:43,392 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [912818038] [2025-03-03 14:21:43,392 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:43,392 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:43,406 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 132 statements into 1 equivalence classes. [2025-03-03 14:21:43,412 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 132 of 132 statements. [2025-03-03 14:21:43,413 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:43,413 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:43,445 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:43,445 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:43,445 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [912818038] [2025-03-03 14:21:43,446 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [912818038] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:43,446 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:43,446 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:43,446 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1354862863] [2025-03-03 14:21:43,446 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:43,446 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:43,446 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:43,447 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:43,447 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:43,447 INFO L87 Difference]: Start difference. First operand 2773 states and 4786 transitions. Second operand has 3 states, 3 states have (on average 29.333333333333332) internal successors, (88), 3 states have internal predecessors, (88), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:43,601 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:43,601 INFO L93 Difference]: Finished difference Result 6608 states and 11494 transitions. [2025-03-03 14:21:43,602 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:43,603 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 29.333333333333332) internal successors, (88), 3 states have internal predecessors, (88), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 132 [2025-03-03 14:21:43,603 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:43,626 INFO L225 Difference]: With dead ends: 6608 [2025-03-03 14:21:43,626 INFO L226 Difference]: Without dead ends: 4274 [2025-03-03 14:21:43,636 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:43,637 INFO L435 NwaCegarLoop]: 602 mSDtfsCounter, 118 mSDsluCounter, 593 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1195 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:43,637 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1195 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:43,640 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4274 states. [2025-03-03 14:21:43,813 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4274 to 4266. [2025-03-03 14:21:43,820 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4266 states, 3472 states have (on average 1.6733870967741935) internal successors, (5810), 3480 states have internal predecessors, (5810), 761 states have call successors, (761), 28 states have call predecessors, (761), 32 states have return successors, (834), 759 states have call predecessors, (834), 760 states have call successors, (834) [2025-03-03 14:21:43,841 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4266 states to 4266 states and 7405 transitions. [2025-03-03 14:21:43,845 INFO L78 Accepts]: Start accepts. Automaton has 4266 states and 7405 transitions. Word has length 132 [2025-03-03 14:21:43,845 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:43,845 INFO L471 AbstractCegarLoop]: Abstraction has 4266 states and 7405 transitions. [2025-03-03 14:21:43,846 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 29.333333333333332) internal successors, (88), 3 states have internal predecessors, (88), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:43,846 INFO L276 IsEmpty]: Start isEmpty. Operand 4266 states and 7405 transitions. [2025-03-03 14:21:43,865 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 134 [2025-03-03 14:21:43,866 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:43,866 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:43,866 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:21:43,866 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:43,866 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:43,867 INFO L85 PathProgramCache]: Analyzing trace with hash 58422901, now seen corresponding path program 1 times [2025-03-03 14:21:43,867 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:43,867 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1936148911] [2025-03-03 14:21:43,867 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:43,867 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:43,882 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 133 statements into 1 equivalence classes. [2025-03-03 14:21:43,888 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 133 of 133 statements. [2025-03-03 14:21:43,888 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:43,888 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:43,939 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:43,939 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:43,939 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1936148911] [2025-03-03 14:21:43,939 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1936148911] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:43,939 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:43,939 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:43,939 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1112411683] [2025-03-03 14:21:43,939 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:43,940 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:43,940 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:43,940 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:43,940 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:43,941 INFO L87 Difference]: Start difference. First operand 4266 states and 7405 transitions. Second operand has 3 states, 3 states have (on average 29.666666666666668) internal successors, (89), 3 states have internal predecessors, (89), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:44,089 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:44,089 INFO L93 Difference]: Finished difference Result 10568 states and 18450 transitions. [2025-03-03 14:21:44,090 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:44,090 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 29.666666666666668) internal successors, (89), 3 states have internal predecessors, (89), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 133 [2025-03-03 14:21:44,090 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:44,128 INFO L225 Difference]: With dead ends: 10568 [2025-03-03 14:21:44,129 INFO L226 Difference]: Without dead ends: 6968 [2025-03-03 14:21:44,144 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:44,145 INFO L435 NwaCegarLoop]: 611 mSDtfsCounter, 116 mSDsluCounter, 600 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1211 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:44,145 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1211 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:44,150 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 6968 states. [2025-03-03 14:21:44,427 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 6968 to 6960. [2025-03-03 14:21:44,439 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6960 states, 5673 states have (on average 1.670368411775075) internal successors, (9476), 5681 states have internal predecessors, (9476), 1254 states have call successors, (1254), 28 states have call predecessors, (1254), 32 states have return successors, (1371), 1252 states have call predecessors, (1371), 1253 states have call successors, (1371) [2025-03-03 14:21:44,468 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6960 states to 6960 states and 12101 transitions. [2025-03-03 14:21:44,472 INFO L78 Accepts]: Start accepts. Automaton has 6960 states and 12101 transitions. Word has length 133 [2025-03-03 14:21:44,472 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:44,472 INFO L471 AbstractCegarLoop]: Abstraction has 6960 states and 12101 transitions. [2025-03-03 14:21:44,472 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 29.666666666666668) internal successors, (89), 3 states have internal predecessors, (89), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:44,472 INFO L276 IsEmpty]: Start isEmpty. Operand 6960 states and 12101 transitions. [2025-03-03 14:21:44,496 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 135 [2025-03-03 14:21:44,496 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:44,496 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:44,496 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:21:44,497 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:44,497 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:44,497 INFO L85 PathProgramCache]: Analyzing trace with hash -1180788978, now seen corresponding path program 1 times [2025-03-03 14:21:44,497 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:44,497 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [759659387] [2025-03-03 14:21:44,497 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:44,498 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:44,513 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 134 statements into 1 equivalence classes. [2025-03-03 14:21:44,521 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 134 of 134 statements. [2025-03-03 14:21:44,521 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:44,521 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:44,553 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:44,553 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:44,553 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [759659387] [2025-03-03 14:21:44,553 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [759659387] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:44,553 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:44,554 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:44,554 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [987156884] [2025-03-03 14:21:44,554 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:44,555 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:44,555 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:44,555 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:44,555 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:44,556 INFO L87 Difference]: Start difference. First operand 6960 states and 12101 transitions. Second operand has 3 states, 3 states have (on average 30.0) internal successors, (90), 3 states have internal predecessors, (90), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:44,828 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:44,828 INFO L93 Difference]: Finished difference Result 17603 states and 30806 transitions. [2025-03-03 14:21:44,829 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:44,829 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 30.0) internal successors, (90), 3 states have internal predecessors, (90), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 134 [2025-03-03 14:21:44,829 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:44,882 INFO L225 Difference]: With dead ends: 17603 [2025-03-03 14:21:44,882 INFO L226 Difference]: Without dead ends: 11680 [2025-03-03 14:21:44,906 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:44,907 INFO L435 NwaCegarLoop]: 604 mSDtfsCounter, 114 mSDsluCounter, 596 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 132 SdHoareTripleChecker+Valid, 1200 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:44,907 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [132 Valid, 1200 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:44,917 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11680 states. [2025-03-03 14:21:45,389 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11680 to 11672. [2025-03-03 14:21:45,409 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11672 states, 9563 states have (on average 1.6712328767123288) internal successors, (15982), 9571 states have internal predecessors, (15982), 2076 states have call successors, (2076), 28 states have call predecessors, (2076), 32 states have return successors, (2271), 2074 states have call predecessors, (2271), 2075 states have call successors, (2271) [2025-03-03 14:21:45,467 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11672 states to 11672 states and 20329 transitions. [2025-03-03 14:21:45,473 INFO L78 Accepts]: Start accepts. Automaton has 11672 states and 20329 transitions. Word has length 134 [2025-03-03 14:21:45,473 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:45,473 INFO L471 AbstractCegarLoop]: Abstraction has 11672 states and 20329 transitions. [2025-03-03 14:21:45,474 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 30.0) internal successors, (90), 3 states have internal predecessors, (90), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:45,474 INFO L276 IsEmpty]: Start isEmpty. Operand 11672 states and 20329 transitions. [2025-03-03 14:21:45,512 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 136 [2025-03-03 14:21:45,512 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:45,512 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:45,512 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:21:45,512 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:45,513 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:45,513 INFO L85 PathProgramCache]: Analyzing trace with hash 2077559316, now seen corresponding path program 1 times [2025-03-03 14:21:45,513 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:45,513 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [632045993] [2025-03-03 14:21:45,513 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:45,513 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:45,529 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 135 statements into 1 equivalence classes. [2025-03-03 14:21:45,536 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 135 of 135 statements. [2025-03-03 14:21:45,537 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:45,537 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:45,572 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:45,572 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:45,572 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [632045993] [2025-03-03 14:21:45,572 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [632045993] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:45,572 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:45,572 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:45,572 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [307313355] [2025-03-03 14:21:45,572 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:45,573 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:45,573 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:45,573 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:45,573 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:45,573 INFO L87 Difference]: Start difference. First operand 11672 states and 20329 transitions. Second operand has 3 states, 3 states have (on average 30.333333333333332) internal successors, (91), 3 states have internal predecessors, (91), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:45,988 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:45,989 INFO L93 Difference]: Finished difference Result 27834 states and 48448 transitions. [2025-03-03 14:21:45,989 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:45,989 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 30.333333333333332) internal successors, (91), 3 states have internal predecessors, (91), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 135 [2025-03-03 14:21:45,989 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:46,073 INFO L225 Difference]: With dead ends: 27834 [2025-03-03 14:21:46,074 INFO L226 Difference]: Without dead ends: 18136 [2025-03-03 14:21:46,110 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:46,111 INFO L435 NwaCegarLoop]: 611 mSDtfsCounter, 112 mSDsluCounter, 569 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 1180 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:46,111 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 1180 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:21:46,128 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 18136 states. [2025-03-03 14:21:46,724 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 18136 to 18128. [2025-03-03 14:21:46,756 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 18128 states, 14816 states have (on average 1.6476106911447084) internal successors, (24411), 14824 states have internal predecessors, (24411), 3279 states have call successors, (3279), 28 states have call predecessors, (3279), 32 states have return successors, (3618), 3277 states have call predecessors, (3618), 3278 states have call successors, (3618) [2025-03-03 14:21:46,829 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18128 states to 18128 states and 31308 transitions. [2025-03-03 14:21:46,837 INFO L78 Accepts]: Start accepts. Automaton has 18128 states and 31308 transitions. Word has length 135 [2025-03-03 14:21:46,837 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:46,837 INFO L471 AbstractCegarLoop]: Abstraction has 18128 states and 31308 transitions. [2025-03-03 14:21:46,838 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 30.333333333333332) internal successors, (91), 3 states have internal predecessors, (91), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:46,838 INFO L276 IsEmpty]: Start isEmpty. Operand 18128 states and 31308 transitions. [2025-03-03 14:21:46,870 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 137 [2025-03-03 14:21:46,870 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:46,870 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:46,870 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:21:46,870 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:46,871 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:46,871 INFO L85 PathProgramCache]: Analyzing trace with hash 1403095503, now seen corresponding path program 1 times [2025-03-03 14:21:46,871 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:46,871 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [987373112] [2025-03-03 14:21:46,871 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:46,871 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:46,884 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 136 statements into 1 equivalence classes. [2025-03-03 14:21:46,890 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 136 of 136 statements. [2025-03-03 14:21:46,891 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:46,891 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:46,919 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:46,919 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:46,920 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [987373112] [2025-03-03 14:21:46,920 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [987373112] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:46,920 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:46,920 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:46,920 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1892635151] [2025-03-03 14:21:46,920 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:46,920 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:46,920 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:46,921 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:46,921 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:46,921 INFO L87 Difference]: Start difference. First operand 18128 states and 31308 transitions. Second operand has 3 states, 3 states have (on average 30.666666666666668) internal successors, (92), 3 states have internal predecessors, (92), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:47,693 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:47,693 INFO L93 Difference]: Finished difference Result 47861 states and 83017 transitions. [2025-03-03 14:21:47,693 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:47,694 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 30.666666666666668) internal successors, (92), 3 states have internal predecessors, (92), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 136 [2025-03-03 14:21:47,694 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:47,850 INFO L225 Difference]: With dead ends: 47861 [2025-03-03 14:21:47,850 INFO L226 Difference]: Without dead ends: 32306 [2025-03-03 14:21:47,912 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:47,913 INFO L435 NwaCegarLoop]: 602 mSDtfsCounter, 110 mSDsluCounter, 596 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1198 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:47,913 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1198 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:47,943 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 32306 states. [2025-03-03 14:21:48,999 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 32306 to 32298. [2025-03-03 14:21:49,048 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 32298 states, 26536 states have (on average 1.6450105517033464) internal successors, (43652), 26544 states have internal predecessors, (43652), 5729 states have call successors, (5729), 28 states have call predecessors, (5729), 32 states have return successors, (6342), 5727 states have call predecessors, (6342), 5728 states have call successors, (6342) [2025-03-03 14:21:49,150 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 32298 states to 32298 states and 55723 transitions. [2025-03-03 14:21:49,165 INFO L78 Accepts]: Start accepts. Automaton has 32298 states and 55723 transitions. Word has length 136 [2025-03-03 14:21:49,166 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:49,166 INFO L471 AbstractCegarLoop]: Abstraction has 32298 states and 55723 transitions. [2025-03-03 14:21:49,166 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 30.666666666666668) internal successors, (92), 3 states have internal predecessors, (92), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:49,166 INFO L276 IsEmpty]: Start isEmpty. Operand 32298 states and 55723 transitions. [2025-03-03 14:21:49,204 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 138 [2025-03-03 14:21:49,205 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:49,205 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:49,205 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:21:49,205 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:49,206 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:49,206 INFO L85 PathProgramCache]: Analyzing trace with hash 1474583763, now seen corresponding path program 1 times [2025-03-03 14:21:49,206 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:49,206 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1416554664] [2025-03-03 14:21:49,206 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:49,206 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:49,219 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 137 statements into 1 equivalence classes. [2025-03-03 14:21:49,225 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 137 of 137 statements. [2025-03-03 14:21:49,225 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:49,225 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:49,257 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:49,258 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:49,258 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1416554664] [2025-03-03 14:21:49,258 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1416554664] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:49,258 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:49,258 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:49,258 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1811529786] [2025-03-03 14:21:49,258 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:49,258 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:49,258 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:49,258 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:49,259 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:49,259 INFO L87 Difference]: Start difference. First operand 32298 states and 55723 transitions. Second operand has 3 states, 3 states have (on average 31.0) internal successors, (93), 3 states have internal predecessors, (93), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:50,285 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:50,286 INFO L93 Difference]: Finished difference Result 87978 states and 152339 transitions. [2025-03-03 14:21:50,286 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:50,286 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 31.0) internal successors, (93), 3 states have internal predecessors, (93), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 137 [2025-03-03 14:21:50,287 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:50,542 INFO L225 Difference]: With dead ends: 87978 [2025-03-03 14:21:50,542 INFO L226 Difference]: Without dead ends: 59120 [2025-03-03 14:21:50,619 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:50,620 INFO L435 NwaCegarLoop]: 611 mSDtfsCounter, 108 mSDsluCounter, 597 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 1208 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:50,620 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 1208 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:50,669 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59120 states. [2025-03-03 14:21:52,545 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59120 to 59112. [2025-03-03 14:21:52,633 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59112 states, 48837 states have (on average 1.6412146528247027) internal successors, (80152), 48845 states have internal predecessors, (80152), 10242 states have call successors, (10242), 28 states have call predecessors, (10242), 32 states have return successors, (11387), 10240 states have call predecessors, (11387), 10241 states have call successors, (11387) [2025-03-03 14:21:52,874 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59112 states to 59112 states and 101781 transitions. [2025-03-03 14:21:52,906 INFO L78 Accepts]: Start accepts. Automaton has 59112 states and 101781 transitions. Word has length 137 [2025-03-03 14:21:52,906 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:52,907 INFO L471 AbstractCegarLoop]: Abstraction has 59112 states and 101781 transitions. [2025-03-03 14:21:52,907 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 31.0) internal successors, (93), 3 states have internal predecessors, (93), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:52,907 INFO L276 IsEmpty]: Start isEmpty. Operand 59112 states and 101781 transitions. [2025-03-03 14:21:52,962 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 139 [2025-03-03 14:21:52,963 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:52,963 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:52,963 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:21:52,963 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:52,963 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:52,964 INFO L85 PathProgramCache]: Analyzing trace with hash 287503664, now seen corresponding path program 1 times [2025-03-03 14:21:52,964 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:52,964 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [403527499] [2025-03-03 14:21:52,964 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:52,964 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:52,983 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 138 statements into 1 equivalence classes. [2025-03-03 14:21:52,993 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 138 of 138 statements. [2025-03-03 14:21:52,993 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:52,993 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:53,031 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:53,031 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:53,031 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [403527499] [2025-03-03 14:21:53,032 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [403527499] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:53,032 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:53,032 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:21:53,032 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [929879182] [2025-03-03 14:21:53,032 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:53,033 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:21:53,033 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:53,033 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:21:53,033 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:53,034 INFO L87 Difference]: Start difference. First operand 59112 states and 101781 transitions. Second operand has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:54,920 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:21:54,920 INFO L93 Difference]: Finished difference Result 110559 states and 190838 transitions. [2025-03-03 14:21:54,921 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:21:54,921 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) Word has length 138 [2025-03-03 14:21:54,921 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:21:55,458 INFO L225 Difference]: With dead ends: 110559 [2025-03-03 14:21:55,458 INFO L226 Difference]: Without dead ends: 110345 [2025-03-03 14:21:55,524 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:21:55,526 INFO L435 NwaCegarLoop]: 604 mSDtfsCounter, 103 mSDsluCounter, 600 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 1204 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:21:55,527 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 1204 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:21:55,605 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 110345 states. [2025-03-03 14:21:58,599 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 110345 to 110337. [2025-03-03 14:21:58,726 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110337 states, 91694 states have (on average 1.6361593997426223) internal successors, (150026), 91702 states have internal predecessors, (150026), 18610 states have call successors, (18610), 28 states have call predecessors, (18610), 32 states have return successors, (20801), 18608 states have call predecessors, (20801), 18609 states have call successors, (20801) [2025-03-03 14:21:59,096 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110337 states to 110337 states and 189437 transitions. [2025-03-03 14:21:59,132 INFO L78 Accepts]: Start accepts. Automaton has 110337 states and 189437 transitions. Word has length 138 [2025-03-03 14:21:59,132 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:21:59,132 INFO L471 AbstractCegarLoop]: Abstraction has 110337 states and 189437 transitions. [2025-03-03 14:21:59,133 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (17), 2 states have call predecessors, (17), 1 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14) [2025-03-03 14:21:59,133 INFO L276 IsEmpty]: Start isEmpty. Operand 110337 states and 189437 transitions. [2025-03-03 14:21:59,184 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 140 [2025-03-03 14:21:59,185 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:21:59,185 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:21:59,185 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:21:59,185 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:21:59,185 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:21:59,186 INFO L85 PathProgramCache]: Analyzing trace with hash -1353521326, now seen corresponding path program 1 times [2025-03-03 14:21:59,186 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:21:59,186 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [334978067] [2025-03-03 14:21:59,186 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:21:59,186 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:21:59,200 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 139 statements into 1 equivalence classes. [2025-03-03 14:21:59,213 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 139 of 139 statements. [2025-03-03 14:21:59,213 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:21:59,213 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:21:59,496 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:21:59,496 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:21:59,497 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [334978067] [2025-03-03 14:21:59,497 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [334978067] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:21:59,497 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:21:59,497 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [14] imperfect sequences [] total 14 [2025-03-03 14:21:59,497 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [900463905] [2025-03-03 14:21:59,497 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:21:59,498 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2025-03-03 14:21:59,498 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:21:59,498 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2025-03-03 14:21:59,499 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=25, Invalid=157, Unknown=0, NotChecked=0, Total=182 [2025-03-03 14:21:59,499 INFO L87 Difference]: Start difference. First operand 110337 states and 189437 transitions. Second operand has 14 states, 12 states have (on average 7.916666666666667) internal successors, (95), 12 states have internal predecessors, (95), 6 states have call successors, (17), 3 states have call predecessors, (17), 4 states have return successors, (14), 6 states have call predecessors, (14), 6 states have call successors, (14) [2025-03-03 14:22:05,100 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:05,100 INFO L93 Difference]: Finished difference Result 220016 states and 383162 transitions. [2025-03-03 14:22:05,104 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2025-03-03 14:22:05,104 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 12 states have (on average 7.916666666666667) internal successors, (95), 12 states have internal predecessors, (95), 6 states have call successors, (17), 3 states have call predecessors, (17), 4 states have return successors, (14), 6 states have call predecessors, (14), 6 states have call successors, (14) Word has length 139 [2025-03-03 14:22:05,104 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:06,223 INFO L225 Difference]: With dead ends: 220016 [2025-03-03 14:22:06,223 INFO L226 Difference]: Without dead ends: 219808 [2025-03-03 14:22:06,314 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 109 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=152, Invalid=778, Unknown=0, NotChecked=0, Total=930 [2025-03-03 14:22:06,316 INFO L435 NwaCegarLoop]: 679 mSDtfsCounter, 1733 mSDsluCounter, 7189 mSDsCounter, 0 mSdLazyCounter, 1470 mSolverCounterSat, 533 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1733 SdHoareTripleChecker+Valid, 7868 SdHoareTripleChecker+Invalid, 2003 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 533 IncrementalHoareTripleChecker+Valid, 1470 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.4s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:06,316 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1733 Valid, 7868 Invalid, 2003 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [533 Valid, 1470 Invalid, 0 Unknown, 0 Unchecked, 1.4s Time] [2025-03-03 14:22:06,440 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 219808 states. [2025-03-03 14:22:12,719 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 219808 to 219706. [2025-03-03 14:22:12,967 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 219706 states, 182647 states have (on average 1.6367638121622583) internal successors, (298950), 182554 states have internal predecessors, (298950), 36976 states have call successors, (36976), 75 states have call predecessors, (36976), 82 states have return successors, (44634), 37082 states have call predecessors, (44634), 36973 states have call successors, (44634) [2025-03-03 14:22:13,677 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 219706 states to 219706 states and 380560 transitions. [2025-03-03 14:22:13,731 INFO L78 Accepts]: Start accepts. Automaton has 219706 states and 380560 transitions. Word has length 139 [2025-03-03 14:22:13,732 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:13,732 INFO L471 AbstractCegarLoop]: Abstraction has 219706 states and 380560 transitions. [2025-03-03 14:22:13,732 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 12 states have (on average 7.916666666666667) internal successors, (95), 12 states have internal predecessors, (95), 6 states have call successors, (17), 3 states have call predecessors, (17), 4 states have return successors, (14), 6 states have call predecessors, (14), 6 states have call successors, (14) [2025-03-03 14:22:13,732 INFO L276 IsEmpty]: Start isEmpty. Operand 219706 states and 380560 transitions. [2025-03-03 14:22:13,835 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 141 [2025-03-03 14:22:13,835 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:13,836 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:13,836 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-03 14:22:13,836 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:13,836 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:13,836 INFO L85 PathProgramCache]: Analyzing trace with hash 1670197690, now seen corresponding path program 1 times [2025-03-03 14:22:13,837 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:13,837 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [433914619] [2025-03-03 14:22:13,837 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:13,837 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:13,851 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 140 statements into 1 equivalence classes. [2025-03-03 14:22:13,861 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 140 of 140 statements. [2025-03-03 14:22:13,861 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:13,861 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:13,928 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:22:13,928 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:13,928 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [433914619] [2025-03-03 14:22:13,928 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [433914619] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:13,928 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:13,928 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:22:13,928 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [277909160] [2025-03-03 14:22:13,928 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:13,929 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:22:13,929 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:13,929 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:22:13,929 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:22:13,930 INFO L87 Difference]: Start difference. First operand 219706 states and 380560 transitions. Second operand has 5 states, 5 states have (on average 19.2) internal successors, (96), 5 states have internal predecessors, (96), 2 states have call successors, (17), 2 states have call predecessors, (17), 2 states have return successors, (14), 2 states have call predecessors, (14), 2 states have call successors, (14)