./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec27_product29.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec27_product29.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash f1b2e6fc3090957bb44fbf381fe29c5adbd1106bdb77e2b6b77c5e6e962ffc5b --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:22:31,045 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:22:31,095 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:22:31,098 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:22:31,098 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:22:31,118 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:22:31,119 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:22:31,119 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:22:31,120 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:22:31,120 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:22:31,120 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:22:31,120 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:22:31,121 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:22:31,121 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:22:31,121 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:22:31,122 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:22:31,122 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:22:31,122 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> f1b2e6fc3090957bb44fbf381fe29c5adbd1106bdb77e2b6b77c5e6e962ffc5b [2025-03-03 14:22:31,335 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:22:31,341 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:22:31,344 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:22:31,344 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:22:31,345 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:22:31,346 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec27_product29.cil.c [2025-03-03 14:22:32,531 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/80bfd5383/bf6e6945c6514f5e9895aec060d7f790/FLAG6b5e1242f [2025-03-03 14:22:32,897 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:22:32,898 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec27_product29.cil.c [2025-03-03 14:22:32,915 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/80bfd5383/bf6e6945c6514f5e9895aec060d7f790/FLAG6b5e1242f [2025-03-03 14:22:33,115 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/80bfd5383/bf6e6945c6514f5e9895aec060d7f790 [2025-03-03 14:22:33,117 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:22:33,118 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:22:33,119 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:22:33,119 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:22:33,122 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:22:33,122 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,123 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2fad7f3f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33, skipping insertion in model container [2025-03-03 14:22:33,123 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,163 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:22:33,487 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec27_product29.cil.c[37973,37986] [2025-03-03 14:22:33,604 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:22:33,625 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:22:33,632 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [48] [2025-03-03 14:22:33,633 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [414] [2025-03-03 14:22:33,633 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1494] [2025-03-03 14:22:33,633 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [1543] [2025-03-03 14:22:33,634 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1561] [2025-03-03 14:22:33,634 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [1570] [2025-03-03 14:22:33,634 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [1718] [2025-03-03 14:22:33,635 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [1943] [2025-03-03 14:22:33,635 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [2320] [2025-03-03 14:22:33,635 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [2717] [2025-03-03 14:22:33,636 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"VerifyForward_spec.i","") [2995] [2025-03-03 14:22:33,684 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec27_product29.cil.c[37973,37986] [2025-03-03 14:22:33,730 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:22:33,753 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:22:33,753 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33 WrapperNode [2025-03-03 14:22:33,753 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:22:33,754 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:22:33,754 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:22:33,754 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:22:33,758 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,773 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,817 INFO L138 Inliner]: procedures = 131, calls = 212, calls flagged for inlining = 54, calls inlined = 47, statements flattened = 927 [2025-03-03 14:22:33,817 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:22:33,818 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:22:33,818 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:22:33,818 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:22:33,828 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,829 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,837 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,865 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:22:33,866 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,866 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,880 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,881 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,884 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,885 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,888 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:22:33,889 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:22:33,889 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:22:33,889 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:22:33,890 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (1/1) ... [2025-03-03 14:22:33,893 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:22:33,905 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:22:33,917 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:22:33,920 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:22:33,935 INFO L130 BoogieDeclarations]: Found specification of procedure getClientPrivateKey [2025-03-03 14:22:33,935 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientPrivateKey [2025-03-03 14:22:33,935 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:22:33,935 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:22:33,935 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:22:33,936 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:22:33,936 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:22:33,936 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:22:33,936 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:22:33,936 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:22:33,936 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:22:33,936 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:22:33,936 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:22:33,937 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:22:33,937 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2025-03-03 14:22:33,937 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2025-03-03 14:22:33,937 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:22:33,937 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:22:33,938 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailSignKey [2025-03-03 14:22:33,938 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailSignKey [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:22:33,938 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2025-03-03 14:22:33,938 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:22:33,938 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure isSigned [2025-03-03 14:22:33,938 INFO L138 BoogieDeclarations]: Found implementation of procedure isSigned [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure isKeyPairValid [2025-03-03 14:22:33,938 INFO L138 BoogieDeclarations]: Found implementation of procedure isKeyPairValid [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:22:33,938 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:22:33,938 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:22:33,938 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:22:33,938 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:22:33,939 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure isVerified [2025-03-03 14:22:33,939 INFO L138 BoogieDeclarations]: Found implementation of procedure isVerified [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:22:33,939 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure findPublicKey [2025-03-03 14:22:33,939 INFO L138 BoogieDeclarations]: Found implementation of procedure findPublicKey [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:22:33,939 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:22:33,939 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:22:33,939 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:22:33,939 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:22:33,939 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:22:33,939 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:22:33,939 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:22:33,939 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:22:34,104 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:22:34,106 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:22:34,190 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2624: #res := ~retValue_acc~40; [2025-03-03 14:22:34,196 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2698: #res := ~retValue_acc~42; [2025-03-03 14:22:34,210 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2231: #res := ~retValue_acc~31; [2025-03-03 14:22:34,249 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1083-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~13#1; [2025-03-03 14:22:34,249 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1128: #res#1 := ~retValue_acc~14#1; [2025-03-03 14:22:34,334 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1471-1: getClientId_#res#1 := getClientId_~retValue_acc~19#1; [2025-03-03 14:22:34,356 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1352: #res := ~retValue_acc~17; [2025-03-03 14:22:34,366 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1036: #res := ~retValue_acc~12; [2025-03-03 14:22:34,378 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1715-1: createEmail_#res#1 := createEmail_~retValue_acc~26#1; [2025-03-03 14:22:34,388 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L580: #res := ~retValue_acc~6; [2025-03-03 14:22:34,398 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2550: #res := ~retValue_acc~38; [2025-03-03 14:22:34,429 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2587: #res := ~retValue_acc~39; [2025-03-03 14:22:34,436 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2661: #res := ~retValue_acc~41; [2025-03-03 14:22:34,456 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2435: #res := ~retValue_acc~35; [2025-03-03 14:22:34,506 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L906: #res := ~retValue_acc~10; [2025-03-03 14:22:34,744 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1540-1: valid_product_#res#1 := valid_product_~retValue_acc~21#1; [2025-03-03 14:22:34,744 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2188-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~28#1; [2025-03-03 14:22:34,744 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2197-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~29#1; [2025-03-03 14:22:34,744 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2206-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~30#1; [2025-03-03 14:22:34,744 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1298-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~16#1; [2025-03-03 14:22:34,744 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1191-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~15#1; [2025-03-03 14:22:34,749 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2398: #res := ~retValue_acc~34; [2025-03-03 14:22:34,762 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1691: #res#1 := ~retValue_acc~24#1; [2025-03-03 14:22:34,762 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1671-1: isReadable__wrappee__Keys_#res#1 := isReadable__wrappee__Keys_~retValue_acc~23#1; [2025-03-03 14:22:34,889 INFO L? ?]: Removed 510 outVars from TransFormulas that were not future-live. [2025-03-03 14:22:34,889 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:22:34,912 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:22:34,914 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:22:34,915 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:22:34 BoogieIcfgContainer [2025-03-03 14:22:34,915 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:22:34,917 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:22:34,918 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:22:34,921 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:22:34,921 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:22:33" (1/3) ... [2025-03-03 14:22:34,922 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4fd3f877 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:22:34, skipping insertion in model container [2025-03-03 14:22:34,922 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:22:33" (2/3) ... [2025-03-03 14:22:34,922 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4fd3f877 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:22:34, skipping insertion in model container [2025-03-03 14:22:34,922 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:22:34" (3/3) ... [2025-03-03 14:22:34,923 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec27_product29.cil.c [2025-03-03 14:22:34,933 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:22:34,936 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec27_product29.cil.c that has 30 procedures, 414 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:22:34,997 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:22:35,006 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4d227889, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:22:35,007 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:22:35,012 INFO L276 IsEmpty]: Start isEmpty. Operand has 414 states, 319 states have (on average 1.5517241379310345) internal successors, (495), 324 states have internal predecessors, (495), 64 states have call successors, (64), 29 states have call predecessors, (64), 29 states have return successors, (64), 63 states have call predecessors, (64), 64 states have call successors, (64) [2025-03-03 14:22:35,036 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 171 [2025-03-03 14:22:35,036 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:35,036 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:35,037 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:35,042 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:35,043 INFO L85 PathProgramCache]: Analyzing trace with hash 1757282595, now seen corresponding path program 1 times [2025-03-03 14:22:35,048 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:35,049 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [458602773] [2025-03-03 14:22:35,049 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:35,050 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:35,128 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 170 statements into 1 equivalence classes. [2025-03-03 14:22:35,216 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 170 of 170 statements. [2025-03-03 14:22:35,217 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:35,217 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:35,699 INFO L134 CoverageAnalysis]: Checked inductivity of 53 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 47 trivial. 0 not checked. [2025-03-03 14:22:35,701 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:35,701 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [458602773] [2025-03-03 14:22:35,701 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [458602773] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:22:35,702 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [452508183] [2025-03-03 14:22:35,702 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:35,702 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:35,702 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:22:35,704 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:22:35,706 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:22:35,896 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 170 statements into 1 equivalence classes. [2025-03-03 14:22:36,045 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 170 of 170 statements. [2025-03-03 14:22:36,045 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:36,045 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:36,052 INFO L256 TraceCheckSpWp]: Trace formula consists of 1291 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:22:36,062 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:22:36,088 INFO L134 CoverageAnalysis]: Checked inductivity of 53 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 53 trivial. 0 not checked. [2025-03-03 14:22:36,088 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:22:36,088 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [452508183] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:36,088 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:22:36,093 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:22:36,094 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [604203973] [2025-03-03 14:22:36,095 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:36,097 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:22:36,098 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:36,115 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:22:36,116 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:22:36,119 INFO L87 Difference]: Start difference. First operand has 414 states, 319 states have (on average 1.5517241379310345) internal successors, (495), 324 states have internal predecessors, (495), 64 states have call successors, (64), 29 states have call predecessors, (64), 29 states have return successors, (64), 63 states have call predecessors, (64), 64 states have call successors, (64) Second operand has 2 states, 2 states have (on average 45.0) internal successors, (90), 2 states have internal predecessors, (90), 2 states have call successors, (26), 2 states have call predecessors, (26), 2 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:36,174 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:36,174 INFO L93 Difference]: Finished difference Result 641 states and 946 transitions. [2025-03-03 14:22:36,175 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:22:36,176 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 45.0) internal successors, (90), 2 states have internal predecessors, (90), 2 states have call successors, (26), 2 states have call predecessors, (26), 2 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) Word has length 170 [2025-03-03 14:22:36,176 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:36,188 INFO L225 Difference]: With dead ends: 641 [2025-03-03 14:22:36,188 INFO L226 Difference]: Without dead ends: 407 [2025-03-03 14:22:36,195 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 174 GetRequests, 171 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:22:36,197 INFO L435 NwaCegarLoop]: 620 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 620 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:36,197 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 620 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:36,210 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 407 states. [2025-03-03 14:22:36,251 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 407 to 407. [2025-03-03 14:22:36,253 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 407 states, 313 states have (on average 1.549520766773163) internal successors, (485), 317 states have internal predecessors, (485), 64 states have call successors, (64), 29 states have call predecessors, (64), 29 states have return successors, (63), 62 states have call predecessors, (63), 63 states have call successors, (63) [2025-03-03 14:22:36,258 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 407 states to 407 states and 612 transitions. [2025-03-03 14:22:36,264 INFO L78 Accepts]: Start accepts. Automaton has 407 states and 612 transitions. Word has length 170 [2025-03-03 14:22:36,265 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:36,265 INFO L471 AbstractCegarLoop]: Abstraction has 407 states and 612 transitions. [2025-03-03 14:22:36,265 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 45.0) internal successors, (90), 2 states have internal predecessors, (90), 2 states have call successors, (26), 2 states have call predecessors, (26), 2 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:36,265 INFO L276 IsEmpty]: Start isEmpty. Operand 407 states and 612 transitions. [2025-03-03 14:22:36,273 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 153 [2025-03-03 14:22:36,273 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:36,274 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:36,282 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-03 14:22:36,478 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:22:36,478 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:36,479 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:36,479 INFO L85 PathProgramCache]: Analyzing trace with hash 2108846543, now seen corresponding path program 1 times [2025-03-03 14:22:36,479 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:36,479 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2145260148] [2025-03-03 14:22:36,479 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:36,479 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:36,520 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 152 statements into 1 equivalence classes. [2025-03-03 14:22:36,535 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 152 of 152 statements. [2025-03-03 14:22:36,536 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:36,536 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:36,764 INFO L134 CoverageAnalysis]: Checked inductivity of 41 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 35 trivial. 0 not checked. [2025-03-03 14:22:36,766 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:36,766 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2145260148] [2025-03-03 14:22:36,766 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2145260148] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:22:36,766 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [749705911] [2025-03-03 14:22:36,766 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:36,767 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:36,767 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:22:36,769 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:22:36,771 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:22:36,923 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 152 statements into 1 equivalence classes. [2025-03-03 14:22:37,063 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 152 of 152 statements. [2025-03-03 14:22:37,063 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:37,063 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:37,068 INFO L256 TraceCheckSpWp]: Trace formula consists of 1214 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:22:37,078 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:22:37,111 INFO L134 CoverageAnalysis]: Checked inductivity of 41 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 41 trivial. 0 not checked. [2025-03-03 14:22:37,112 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:22:37,112 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [749705911] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:37,112 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:22:37,115 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:22:37,116 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1730180418] [2025-03-03 14:22:37,116 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:37,117 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:22:37,117 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:37,118 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:22:37,118 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:22:37,118 INFO L87 Difference]: Start difference. First operand 407 states and 612 transitions. Second operand has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:22:37,160 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:37,160 INFO L93 Difference]: Finished difference Result 630 states and 924 transitions. [2025-03-03 14:22:37,163 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:22:37,164 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 152 [2025-03-03 14:22:37,164 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:37,166 INFO L225 Difference]: With dead ends: 630 [2025-03-03 14:22:37,169 INFO L226 Difference]: Without dead ends: 409 [2025-03-03 14:22:37,170 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 156 GetRequests, 152 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:22:37,170 INFO L435 NwaCegarLoop]: 611 mSDtfsCounter, 0 mSDsluCounter, 609 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1220 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:37,171 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1220 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:37,173 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 409 states. [2025-03-03 14:22:37,196 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 409 to 409. [2025-03-03 14:22:37,197 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 409 states, 315 states have (on average 1.546031746031746) internal successors, (487), 319 states have internal predecessors, (487), 64 states have call successors, (64), 29 states have call predecessors, (64), 29 states have return successors, (63), 62 states have call predecessors, (63), 63 states have call successors, (63) [2025-03-03 14:22:37,201 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 409 states to 409 states and 614 transitions. [2025-03-03 14:22:37,203 INFO L78 Accepts]: Start accepts. Automaton has 409 states and 614 transitions. Word has length 152 [2025-03-03 14:22:37,204 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:37,204 INFO L471 AbstractCegarLoop]: Abstraction has 409 states and 614 transitions. [2025-03-03 14:22:37,204 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:22:37,204 INFO L276 IsEmpty]: Start isEmpty. Operand 409 states and 614 transitions. [2025-03-03 14:22:37,209 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 158 [2025-03-03 14:22:37,209 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:37,209 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:37,217 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-03-03 14:22:37,409 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:22:37,410 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:37,410 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:37,410 INFO L85 PathProgramCache]: Analyzing trace with hash -572252285, now seen corresponding path program 1 times [2025-03-03 14:22:37,410 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:37,411 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1952561077] [2025-03-03 14:22:37,411 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:37,411 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:37,448 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 157 statements into 1 equivalence classes. [2025-03-03 14:22:37,454 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 157 of 157 statements. [2025-03-03 14:22:37,455 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:37,455 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:37,658 INFO L134 CoverageAnalysis]: Checked inductivity of 43 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 37 trivial. 0 not checked. [2025-03-03 14:22:37,658 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:37,658 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1952561077] [2025-03-03 14:22:37,658 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1952561077] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:22:37,658 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [656598752] [2025-03-03 14:22:37,658 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:37,659 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:37,659 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:22:37,660 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:22:37,663 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:22:37,812 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 157 statements into 1 equivalence classes. [2025-03-03 14:22:37,945 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 157 of 157 statements. [2025-03-03 14:22:37,947 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:37,947 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:37,952 INFO L256 TraceCheckSpWp]: Trace formula consists of 1226 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:22:37,959 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:22:37,977 INFO L134 CoverageAnalysis]: Checked inductivity of 43 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 41 trivial. 0 not checked. [2025-03-03 14:22:37,977 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:22:37,977 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [656598752] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:37,977 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:22:37,977 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:22:37,977 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1552983793] [2025-03-03 14:22:37,977 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:37,978 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:22:37,978 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:37,978 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:22:37,979 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:22:37,979 INFO L87 Difference]: Start difference. First operand 409 states and 614 transitions. Second operand has 3 states, 3 states have (on average 29.666666666666668) internal successors, (89), 3 states have internal predecessors, (89), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:22:38,020 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:38,022 INFO L93 Difference]: Finished difference Result 860 states and 1311 transitions. [2025-03-03 14:22:38,022 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:22:38,022 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 29.666666666666668) internal successors, (89), 3 states have internal predecessors, (89), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 157 [2025-03-03 14:22:38,023 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:38,025 INFO L225 Difference]: With dead ends: 860 [2025-03-03 14:22:38,025 INFO L226 Difference]: Without dead ends: 478 [2025-03-03 14:22:38,028 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 161 GetRequests, 157 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:22:38,028 INFO L435 NwaCegarLoop]: 617 mSDtfsCounter, 126 mSDsluCounter, 564 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1181 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:38,029 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1181 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:38,029 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 478 states. [2025-03-03 14:22:38,046 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 478 to 470. [2025-03-03 14:22:38,047 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 470 states, 362 states have (on average 1.5662983425414365) internal successors, (567), 366 states have internal predecessors, (567), 78 states have call successors, (78), 29 states have call predecessors, (78), 29 states have return successors, (77), 76 states have call predecessors, (77), 77 states have call successors, (77) [2025-03-03 14:22:38,051 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 470 states to 470 states and 722 transitions. [2025-03-03 14:22:38,053 INFO L78 Accepts]: Start accepts. Automaton has 470 states and 722 transitions. Word has length 157 [2025-03-03 14:22:38,053 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:38,054 INFO L471 AbstractCegarLoop]: Abstraction has 470 states and 722 transitions. [2025-03-03 14:22:38,054 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 29.666666666666668) internal successors, (89), 3 states have internal predecessors, (89), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:22:38,055 INFO L276 IsEmpty]: Start isEmpty. Operand 470 states and 722 transitions. [2025-03-03 14:22:38,057 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 159 [2025-03-03 14:22:38,059 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:38,059 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:38,067 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2025-03-03 14:22:38,259 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:38,260 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:38,260 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:38,260 INFO L85 PathProgramCache]: Analyzing trace with hash 2142612916, now seen corresponding path program 1 times [2025-03-03 14:22:38,261 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:38,261 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1447516573] [2025-03-03 14:22:38,261 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:38,261 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:38,286 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 158 statements into 1 equivalence classes. [2025-03-03 14:22:38,293 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 158 of 158 statements. [2025-03-03 14:22:38,293 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:38,293 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:38,443 INFO L134 CoverageAnalysis]: Checked inductivity of 43 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 37 trivial. 0 not checked. [2025-03-03 14:22:38,444 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:38,444 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1447516573] [2025-03-03 14:22:38,444 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1447516573] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:22:38,444 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [206557635] [2025-03-03 14:22:38,444 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:38,444 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:38,445 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:22:38,446 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:22:38,448 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:22:38,610 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 158 statements into 1 equivalence classes. [2025-03-03 14:22:38,721 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 158 of 158 statements. [2025-03-03 14:22:38,721 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:38,721 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:38,727 INFO L256 TraceCheckSpWp]: Trace formula consists of 1231 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:22:38,731 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:22:38,776 INFO L134 CoverageAnalysis]: Checked inductivity of 43 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:22:38,779 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:22:38,780 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [206557635] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:38,780 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:22:38,780 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:22:38,780 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [579419034] [2025-03-03 14:22:38,780 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:38,780 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:22:38,780 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:38,781 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:22:38,781 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:22:38,781 INFO L87 Difference]: Start difference. First operand 470 states and 722 transitions. Second operand has 5 states, 4 states have (on average 24.5) internal successors, (98), 5 states have internal predecessors, (98), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:22:38,850 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:38,850 INFO L93 Difference]: Finished difference Result 931 states and 1434 transitions. [2025-03-03 14:22:38,851 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:22:38,852 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 24.5) internal successors, (98), 5 states have internal predecessors, (98), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) Word has length 158 [2025-03-03 14:22:38,852 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:38,855 INFO L225 Difference]: With dead ends: 931 [2025-03-03 14:22:38,857 INFO L226 Difference]: Without dead ends: 472 [2025-03-03 14:22:38,859 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 162 GetRequests, 156 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:22:38,860 INFO L435 NwaCegarLoop]: 604 mSDtfsCounter, 2 mSDsluCounter, 1801 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2405 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:38,861 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2405 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:38,862 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 472 states. [2025-03-03 14:22:38,882 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 472 to 472. [2025-03-03 14:22:38,883 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 472 states, 363 states have (on average 1.5647382920110193) internal successors, (568), 368 states have internal predecessors, (568), 78 states have call successors, (78), 29 states have call predecessors, (78), 30 states have return successors, (79), 76 states have call predecessors, (79), 77 states have call successors, (79) [2025-03-03 14:22:38,886 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 472 states to 472 states and 725 transitions. [2025-03-03 14:22:38,887 INFO L78 Accepts]: Start accepts. Automaton has 472 states and 725 transitions. Word has length 158 [2025-03-03 14:22:38,888 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:38,888 INFO L471 AbstractCegarLoop]: Abstraction has 472 states and 725 transitions. [2025-03-03 14:22:38,889 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 24.5) internal successors, (98), 5 states have internal predecessors, (98), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:22:38,889 INFO L276 IsEmpty]: Start isEmpty. Operand 472 states and 725 transitions. [2025-03-03 14:22:38,891 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 160 [2025-03-03 14:22:38,893 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:38,894 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:38,902 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2025-03-03 14:22:39,094 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:39,095 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:39,095 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:39,095 INFO L85 PathProgramCache]: Analyzing trace with hash 969930989, now seen corresponding path program 1 times [2025-03-03 14:22:39,095 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:39,095 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1699098886] [2025-03-03 14:22:39,095 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:39,095 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:39,114 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 159 statements into 1 equivalence classes. [2025-03-03 14:22:39,126 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 159 of 159 statements. [2025-03-03 14:22:39,126 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:39,126 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:39,287 INFO L134 CoverageAnalysis]: Checked inductivity of 43 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2025-03-03 14:22:39,287 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:39,287 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1699098886] [2025-03-03 14:22:39,287 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1699098886] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:22:39,287 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1596441137] [2025-03-03 14:22:39,287 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:39,287 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:39,288 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:22:39,289 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:22:39,291 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:22:39,434 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 159 statements into 1 equivalence classes. [2025-03-03 14:22:39,545 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 159 of 159 statements. [2025-03-03 14:22:39,545 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:39,545 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:39,551 INFO L256 TraceCheckSpWp]: Trace formula consists of 1232 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:22:39,554 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:22:39,589 INFO L134 CoverageAnalysis]: Checked inductivity of 43 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:22:39,590 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:22:39,590 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1596441137] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:39,590 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:22:39,590 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:22:39,590 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1570504649] [2025-03-03 14:22:39,590 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:39,591 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:22:39,591 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:39,591 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:22:39,592 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:22:39,592 INFO L87 Difference]: Start difference. First operand 472 states and 725 transitions. Second operand has 5 states, 5 states have (on average 20.0) internal successors, (100), 5 states have internal predecessors, (100), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:22:39,654 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:39,654 INFO L93 Difference]: Finished difference Result 933 states and 1439 transitions. [2025-03-03 14:22:39,654 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:22:39,655 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 20.0) internal successors, (100), 5 states have internal predecessors, (100), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 3 states have call successors, (20) Word has length 159 [2025-03-03 14:22:39,655 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:39,659 INFO L225 Difference]: With dead ends: 933 [2025-03-03 14:22:39,659 INFO L226 Difference]: Without dead ends: 474 [2025-03-03 14:22:39,661 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 166 GetRequests, 157 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:22:39,662 INFO L435 NwaCegarLoop]: 602 mSDtfsCounter, 2 mSDsluCounter, 1789 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2391 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:39,663 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2391 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:39,664 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 474 states. [2025-03-03 14:22:39,687 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 474 to 474. [2025-03-03 14:22:39,688 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 474 states, 364 states have (on average 1.5631868131868132) internal successors, (569), 370 states have internal predecessors, (569), 78 states have call successors, (78), 29 states have call predecessors, (78), 31 states have return successors, (84), 76 states have call predecessors, (84), 77 states have call successors, (84) [2025-03-03 14:22:39,691 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 474 states to 474 states and 731 transitions. [2025-03-03 14:22:39,691 INFO L78 Accepts]: Start accepts. Automaton has 474 states and 731 transitions. Word has length 159 [2025-03-03 14:22:39,692 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:39,692 INFO L471 AbstractCegarLoop]: Abstraction has 474 states and 731 transitions. [2025-03-03 14:22:39,692 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 20.0) internal successors, (100), 5 states have internal predecessors, (100), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:22:39,692 INFO L276 IsEmpty]: Start isEmpty. Operand 474 states and 731 transitions. [2025-03-03 14:22:39,694 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 180 [2025-03-03 14:22:39,694 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:39,695 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:39,703 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2025-03-03 14:22:39,895 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:39,895 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:39,896 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:39,896 INFO L85 PathProgramCache]: Analyzing trace with hash 8334036, now seen corresponding path program 1 times [2025-03-03 14:22:39,896 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:39,896 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1154704940] [2025-03-03 14:22:39,896 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:39,896 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:39,917 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 179 statements into 1 equivalence classes. [2025-03-03 14:22:39,922 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 179 of 179 statements. [2025-03-03 14:22:39,922 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:39,922 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:40,077 INFO L134 CoverageAnalysis]: Checked inductivity of 55 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 49 trivial. 0 not checked. [2025-03-03 14:22:40,077 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:40,077 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1154704940] [2025-03-03 14:22:40,077 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1154704940] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:40,077 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:40,077 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:22:40,077 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1708367453] [2025-03-03 14:22:40,078 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:40,078 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:22:40,078 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:40,079 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:22:40,079 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:22:40,080 INFO L87 Difference]: Start difference. First operand 474 states and 731 transitions. Second operand has 5 states, 4 states have (on average 25.75) internal successors, (103), 5 states have internal predecessors, (103), 3 states have call successors, (26), 2 states have call predecessors, (26), 2 states have return successors, (23), 2 states have call predecessors, (23), 3 states have call successors, (23) [2025-03-03 14:22:40,124 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:40,124 INFO L93 Difference]: Finished difference Result 925 states and 1430 transitions. [2025-03-03 14:22:40,124 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:22:40,125 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 25.75) internal successors, (103), 5 states have internal predecessors, (103), 3 states have call successors, (26), 2 states have call predecessors, (26), 2 states have return successors, (23), 2 states have call predecessors, (23), 3 states have call successors, (23) Word has length 179 [2025-03-03 14:22:40,125 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:40,128 INFO L225 Difference]: With dead ends: 925 [2025-03-03 14:22:40,129 INFO L226 Difference]: Without dead ends: 474 [2025-03-03 14:22:40,130 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:22:40,131 INFO L435 NwaCegarLoop]: 605 mSDtfsCounter, 2 mSDsluCounter, 1804 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2409 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:40,132 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2409 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:40,134 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 474 states. [2025-03-03 14:22:40,151 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 474 to 474. [2025-03-03 14:22:40,152 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 474 states, 364 states have (on average 1.5631868131868132) internal successors, (569), 370 states have internal predecessors, (569), 78 states have call successors, (78), 29 states have call predecessors, (78), 31 states have return successors, (83), 76 states have call predecessors, (83), 77 states have call successors, (83) [2025-03-03 14:22:40,154 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 474 states to 474 states and 730 transitions. [2025-03-03 14:22:40,155 INFO L78 Accepts]: Start accepts. Automaton has 474 states and 730 transitions. Word has length 179 [2025-03-03 14:22:40,155 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:40,155 INFO L471 AbstractCegarLoop]: Abstraction has 474 states and 730 transitions. [2025-03-03 14:22:40,156 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 25.75) internal successors, (103), 5 states have internal predecessors, (103), 3 states have call successors, (26), 2 states have call predecessors, (26), 2 states have return successors, (23), 2 states have call predecessors, (23), 3 states have call successors, (23) [2025-03-03 14:22:40,156 INFO L276 IsEmpty]: Start isEmpty. Operand 474 states and 730 transitions. [2025-03-03 14:22:40,158 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 181 [2025-03-03 14:22:40,159 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:40,159 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:40,159 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:22:40,160 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:40,162 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:40,162 INFO L85 PathProgramCache]: Analyzing trace with hash 242903133, now seen corresponding path program 2 times [2025-03-03 14:22:40,162 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:40,162 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [652763996] [2025-03-03 14:22:40,162 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:22:40,162 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:40,181 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 180 statements into 2 equivalence classes. [2025-03-03 14:22:40,187 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) and asserted 81 of 180 statements. [2025-03-03 14:22:40,187 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2025-03-03 14:22:40,187 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:40,320 INFO L134 CoverageAnalysis]: Checked inductivity of 56 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-03-03 14:22:40,320 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:40,320 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [652763996] [2025-03-03 14:22:40,320 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [652763996] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:40,320 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:40,320 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:22:40,320 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [38778950] [2025-03-03 14:22:40,320 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:40,321 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:22:40,321 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:40,321 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:22:40,321 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:22:40,321 INFO L87 Difference]: Start difference. First operand 474 states and 730 transitions. Second operand has 8 states, 8 states have (on average 13.125) internal successors, (105), 7 states have internal predecessors, (105), 3 states have call successors, (26), 2 states have call predecessors, (26), 3 states have return successors, (23), 4 states have call predecessors, (23), 3 states have call successors, (23) [2025-03-03 14:22:40,708 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:40,708 INFO L93 Difference]: Finished difference Result 1241 states and 1888 transitions. [2025-03-03 14:22:40,708 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2025-03-03 14:22:40,709 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 13.125) internal successors, (105), 7 states have internal predecessors, (105), 3 states have call successors, (26), 2 states have call predecessors, (26), 3 states have return successors, (23), 4 states have call predecessors, (23), 3 states have call successors, (23) Word has length 180 [2025-03-03 14:22:40,709 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:40,715 INFO L225 Difference]: With dead ends: 1241 [2025-03-03 14:22:40,715 INFO L226 Difference]: Without dead ends: 1026 [2025-03-03 14:22:40,716 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=39, Invalid=117, Unknown=0, NotChecked=0, Total=156 [2025-03-03 14:22:40,717 INFO L435 NwaCegarLoop]: 631 mSDtfsCounter, 668 mSDsluCounter, 3617 mSDsCounter, 0 mSdLazyCounter, 317 mSolverCounterSat, 33 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 683 SdHoareTripleChecker+Valid, 4248 SdHoareTripleChecker+Invalid, 350 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 33 IncrementalHoareTripleChecker+Valid, 317 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:40,717 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [683 Valid, 4248 Invalid, 350 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [33 Valid, 317 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2025-03-03 14:22:40,718 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1026 states. [2025-03-03 14:22:40,751 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1026 to 943. [2025-03-03 14:22:40,752 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 943 states, 726 states have (on average 1.5674931129476584) internal successors, (1138), 735 states have internal predecessors, (1138), 154 states have call successors, (154), 59 states have call predecessors, (154), 62 states have return successors, (168), 152 states have call predecessors, (168), 152 states have call successors, (168) [2025-03-03 14:22:40,757 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 943 states to 943 states and 1460 transitions. [2025-03-03 14:22:40,758 INFO L78 Accepts]: Start accepts. Automaton has 943 states and 1460 transitions. Word has length 180 [2025-03-03 14:22:40,759 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:40,759 INFO L471 AbstractCegarLoop]: Abstraction has 943 states and 1460 transitions. [2025-03-03 14:22:40,759 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 13.125) internal successors, (105), 7 states have internal predecessors, (105), 3 states have call successors, (26), 2 states have call predecessors, (26), 3 states have return successors, (23), 4 states have call predecessors, (23), 3 states have call successors, (23) [2025-03-03 14:22:40,759 INFO L276 IsEmpty]: Start isEmpty. Operand 943 states and 1460 transitions. [2025-03-03 14:22:40,763 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 163 [2025-03-03 14:22:40,763 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:40,763 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:40,763 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:22:40,763 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:40,764 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:40,764 INFO L85 PathProgramCache]: Analyzing trace with hash -397471774, now seen corresponding path program 1 times [2025-03-03 14:22:40,764 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:40,764 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1631524181] [2025-03-03 14:22:40,764 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:40,764 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:40,781 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 162 statements into 1 equivalence classes. [2025-03-03 14:22:40,786 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 162 of 162 statements. [2025-03-03 14:22:40,786 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:40,787 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:40,925 INFO L134 CoverageAnalysis]: Checked inductivity of 44 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 37 trivial. 0 not checked. [2025-03-03 14:22:40,926 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:40,927 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1631524181] [2025-03-03 14:22:40,927 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1631524181] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:40,927 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:40,927 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:22:40,927 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1249724809] [2025-03-03 14:22:40,927 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:40,927 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:22:40,927 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:40,928 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:22:40,928 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:22:40,928 INFO L87 Difference]: Start difference. First operand 943 states and 1460 transitions. Second operand has 5 states, 4 states have (on average 24.75) internal successors, (99), 5 states have internal predecessors, (99), 3 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:22:40,988 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:40,989 INFO L93 Difference]: Finished difference Result 1855 states and 2880 transitions. [2025-03-03 14:22:40,989 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:22:40,989 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 24.75) internal successors, (99), 5 states have internal predecessors, (99), 3 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) Word has length 162 [2025-03-03 14:22:40,990 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:40,995 INFO L225 Difference]: With dead ends: 1855 [2025-03-03 14:22:40,995 INFO L226 Difference]: Without dead ends: 947 [2025-03-03 14:22:40,998 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:22:40,998 INFO L435 NwaCegarLoop]: 606 mSDtfsCounter, 1 mSDsluCounter, 1806 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2412 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:40,998 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2412 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:41,000 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 947 states. [2025-03-03 14:22:41,033 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 947 to 947. [2025-03-03 14:22:41,034 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 947 states, 728 states have (on average 1.565934065934066) internal successors, (1140), 739 states have internal predecessors, (1140), 154 states have call successors, (154), 59 states have call predecessors, (154), 64 states have return successors, (171), 152 states have call predecessors, (171), 152 states have call successors, (171) [2025-03-03 14:22:41,042 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 947 states to 947 states and 1465 transitions. [2025-03-03 14:22:41,043 INFO L78 Accepts]: Start accepts. Automaton has 947 states and 1465 transitions. Word has length 162 [2025-03-03 14:22:41,044 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:41,044 INFO L471 AbstractCegarLoop]: Abstraction has 947 states and 1465 transitions. [2025-03-03 14:22:41,044 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 24.75) internal successors, (99), 5 states have internal predecessors, (99), 3 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:22:41,044 INFO L276 IsEmpty]: Start isEmpty. Operand 947 states and 1465 transitions. [2025-03-03 14:22:41,048 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 164 [2025-03-03 14:22:41,048 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:41,049 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:41,049 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:22:41,049 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:41,049 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:41,050 INFO L85 PathProgramCache]: Analyzing trace with hash 2116349884, now seen corresponding path program 1 times [2025-03-03 14:22:41,050 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:41,050 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1089933708] [2025-03-03 14:22:41,050 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:41,050 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:41,073 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 163 statements into 1 equivalence classes. [2025-03-03 14:22:41,079 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 163 of 163 statements. [2025-03-03 14:22:41,080 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:41,080 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:41,204 INFO L134 CoverageAnalysis]: Checked inductivity of 44 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2025-03-03 14:22:41,204 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:41,204 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1089933708] [2025-03-03 14:22:41,204 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1089933708] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:41,204 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:41,204 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:22:41,204 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1657026528] [2025-03-03 14:22:41,204 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:41,205 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:22:41,205 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:41,205 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:22:41,205 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:22:41,206 INFO L87 Difference]: Start difference. First operand 947 states and 1465 transitions. Second operand has 8 states, 7 states have (on average 14.714285714285714) internal successors, (103), 8 states have internal predecessors, (103), 4 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 4 states have call successors, (20) [2025-03-03 14:22:41,351 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:41,351 INFO L93 Difference]: Finished difference Result 1853 states and 2872 transitions. [2025-03-03 14:22:41,352 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-03 14:22:41,352 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 14.714285714285714) internal successors, (103), 8 states have internal predecessors, (103), 4 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 4 states have call successors, (20) Word has length 163 [2025-03-03 14:22:41,352 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:41,357 INFO L225 Difference]: With dead ends: 1853 [2025-03-03 14:22:41,357 INFO L226 Difference]: Without dead ends: 951 [2025-03-03 14:22:41,359 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2025-03-03 14:22:41,359 INFO L435 NwaCegarLoop]: 596 mSDtfsCounter, 7 mSDsluCounter, 3547 mSDsCounter, 0 mSdLazyCounter, 145 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 8 SdHoareTripleChecker+Valid, 4143 SdHoareTripleChecker+Invalid, 149 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 145 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:41,359 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [8 Valid, 4143 Invalid, 149 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 145 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:22:41,360 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 951 states. [2025-03-03 14:22:41,386 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 951 to 949. [2025-03-03 14:22:41,387 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 949 states, 730 states have (on average 1.5643835616438355) internal successors, (1142), 740 states have internal predecessors, (1142), 154 states have call successors, (154), 60 states have call predecessors, (154), 64 states have return successors, (169), 152 states have call predecessors, (169), 152 states have call successors, (169) [2025-03-03 14:22:41,392 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 949 states to 949 states and 1465 transitions. [2025-03-03 14:22:41,393 INFO L78 Accepts]: Start accepts. Automaton has 949 states and 1465 transitions. Word has length 163 [2025-03-03 14:22:41,393 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:41,393 INFO L471 AbstractCegarLoop]: Abstraction has 949 states and 1465 transitions. [2025-03-03 14:22:41,393 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 14.714285714285714) internal successors, (103), 8 states have internal predecessors, (103), 4 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 4 states have call successors, (20) [2025-03-03 14:22:41,393 INFO L276 IsEmpty]: Start isEmpty. Operand 949 states and 1465 transitions. [2025-03-03 14:22:41,397 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 165 [2025-03-03 14:22:41,397 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:41,397 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:41,397 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:22:41,397 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:41,397 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:41,397 INFO L85 PathProgramCache]: Analyzing trace with hash -2025017620, now seen corresponding path program 1 times [2025-03-03 14:22:41,398 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:41,398 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1971177116] [2025-03-03 14:22:41,398 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:41,398 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:41,414 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 164 statements into 1 equivalence classes. [2025-03-03 14:22:41,417 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 164 of 164 statements. [2025-03-03 14:22:41,417 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:41,418 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:41,499 INFO L134 CoverageAnalysis]: Checked inductivity of 47 backedges. 0 proven. 8 refuted. 0 times theorem prover too weak. 39 trivial. 0 not checked. [2025-03-03 14:22:41,499 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:41,499 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1971177116] [2025-03-03 14:22:41,499 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1971177116] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:22:41,499 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2022046071] [2025-03-03 14:22:41,499 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:41,500 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:41,500 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:22:41,502 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:22:41,503 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:22:41,649 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 164 statements into 1 equivalence classes. [2025-03-03 14:22:41,750 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 164 of 164 statements. [2025-03-03 14:22:41,750 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:41,750 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:41,755 INFO L256 TraceCheckSpWp]: Trace formula consists of 1237 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:22:41,759 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:22:41,792 INFO L134 CoverageAnalysis]: Checked inductivity of 47 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 29 trivial. 0 not checked. [2025-03-03 14:22:41,792 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:22:41,793 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2022046071] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:41,793 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:22:41,793 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:22:41,794 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [327560294] [2025-03-03 14:22:41,794 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:41,794 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:22:41,794 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:41,795 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:22:41,795 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:22:41,795 INFO L87 Difference]: Start difference. First operand 949 states and 1465 transitions. Second operand has 5 states, 5 states have (on average 20.0) internal successors, (100), 5 states have internal predecessors, (100), 2 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:22:41,882 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:41,883 INFO L93 Difference]: Finished difference Result 1430 states and 2207 transitions. [2025-03-03 14:22:41,883 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:22:41,883 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 20.0) internal successors, (100), 5 states have internal predecessors, (100), 2 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 164 [2025-03-03 14:22:41,884 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:41,890 INFO L225 Difference]: With dead ends: 1430 [2025-03-03 14:22:41,890 INFO L226 Difference]: Without dead ends: 955 [2025-03-03 14:22:41,892 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 168 GetRequests, 162 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:22:41,893 INFO L435 NwaCegarLoop]: 605 mSDtfsCounter, 1 mSDsluCounter, 1797 mSDsCounter, 0 mSdLazyCounter, 48 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2402 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 48 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:41,893 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2402 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 48 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:41,895 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 955 states. [2025-03-03 14:22:41,929 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 955 to 951. [2025-03-03 14:22:41,931 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 951 states, 731 states have (on average 1.5636114911080712) internal successors, (1143), 742 states have internal predecessors, (1143), 154 states have call successors, (154), 60 states have call predecessors, (154), 65 states have return successors, (172), 152 states have call predecessors, (172), 152 states have call successors, (172) [2025-03-03 14:22:41,936 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 951 states to 951 states and 1469 transitions. [2025-03-03 14:22:41,937 INFO L78 Accepts]: Start accepts. Automaton has 951 states and 1469 transitions. Word has length 164 [2025-03-03 14:22:41,939 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:41,939 INFO L471 AbstractCegarLoop]: Abstraction has 951 states and 1469 transitions. [2025-03-03 14:22:41,939 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 20.0) internal successors, (100), 5 states have internal predecessors, (100), 2 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:22:41,939 INFO L276 IsEmpty]: Start isEmpty. Operand 951 states and 1469 transitions. [2025-03-03 14:22:41,943 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 165 [2025-03-03 14:22:41,943 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:41,943 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:41,952 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2025-03-03 14:22:42,144 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:42,144 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:42,144 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:42,145 INFO L85 PathProgramCache]: Analyzing trace with hash 676490576, now seen corresponding path program 2 times [2025-03-03 14:22:42,145 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:42,145 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [59096808] [2025-03-03 14:22:42,145 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:22:42,145 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:42,161 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 164 statements into 2 equivalence classes. [2025-03-03 14:22:42,168 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) and asserted 84 of 164 statements. [2025-03-03 14:22:42,168 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2025-03-03 14:22:42,168 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:42,294 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:22:42,294 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:42,294 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [59096808] [2025-03-03 14:22:42,294 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [59096808] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:42,294 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:42,294 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2025-03-03 14:22:42,294 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [605937934] [2025-03-03 14:22:42,294 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:42,295 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2025-03-03 14:22:42,295 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:42,296 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2025-03-03 14:22:42,296 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2025-03-03 14:22:42,296 INFO L87 Difference]: Start difference. First operand 951 states and 1469 transitions. Second operand has 9 states, 9 states have (on average 11.444444444444445) internal successors, (103), 9 states have internal predecessors, (103), 3 states have call successors, (23), 1 states have call predecessors, (23), 3 states have return successors, (20), 5 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:22:42,426 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:42,427 INFO L93 Difference]: Finished difference Result 1469 states and 2224 transitions. [2025-03-03 14:22:42,427 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2025-03-03 14:22:42,427 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 11.444444444444445) internal successors, (103), 9 states have internal predecessors, (103), 3 states have call successors, (23), 1 states have call predecessors, (23), 3 states have return successors, (20), 5 states have call predecessors, (20), 3 states have call successors, (20) Word has length 164 [2025-03-03 14:22:42,428 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:42,434 INFO L225 Difference]: With dead ends: 1469 [2025-03-03 14:22:42,434 INFO L226 Difference]: Without dead ends: 1041 [2025-03-03 14:22:42,456 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=71, Unknown=0, NotChecked=0, Total=90 [2025-03-03 14:22:42,457 INFO L435 NwaCegarLoop]: 644 mSDtfsCounter, 40 mSDsluCounter, 4441 mSDsCounter, 0 mSdLazyCounter, 163 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 5085 SdHoareTripleChecker+Invalid, 163 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 163 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:42,457 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 5085 Invalid, 163 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 163 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:22:42,458 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1041 states. [2025-03-03 14:22:42,499 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1041 to 1033. [2025-03-03 14:22:42,502 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1033 states, 782 states have (on average 1.551150895140665) internal successors, (1213), 799 states have internal predecessors, (1213), 182 states have call successors, (182), 60 states have call predecessors, (182), 68 states have return successors, (210), 179 states have call predecessors, (210), 180 states have call successors, (210) [2025-03-03 14:22:42,509 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1033 states to 1033 states and 1605 transitions. [2025-03-03 14:22:42,513 INFO L78 Accepts]: Start accepts. Automaton has 1033 states and 1605 transitions. Word has length 164 [2025-03-03 14:22:42,513 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:42,513 INFO L471 AbstractCegarLoop]: Abstraction has 1033 states and 1605 transitions. [2025-03-03 14:22:42,513 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 11.444444444444445) internal successors, (103), 9 states have internal predecessors, (103), 3 states have call successors, (23), 1 states have call predecessors, (23), 3 states have return successors, (20), 5 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:22:42,514 INFO L276 IsEmpty]: Start isEmpty. Operand 1033 states and 1605 transitions. [2025-03-03 14:22:42,519 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 185 [2025-03-03 14:22:42,519 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:42,519 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:42,520 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-03-03 14:22:42,520 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:42,520 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:42,520 INFO L85 PathProgramCache]: Analyzing trace with hash 1608174215, now seen corresponding path program 1 times [2025-03-03 14:22:42,520 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:42,520 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [931888878] [2025-03-03 14:22:42,520 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:42,521 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:42,545 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 184 statements into 1 equivalence classes. [2025-03-03 14:22:42,549 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 184 of 184 statements. [2025-03-03 14:22:42,550 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:42,550 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:42,646 INFO L134 CoverageAnalysis]: Checked inductivity of 59 backedges. 0 proven. 8 refuted. 0 times theorem prover too weak. 51 trivial. 0 not checked. [2025-03-03 14:22:42,647 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:42,647 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [931888878] [2025-03-03 14:22:42,647 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [931888878] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:22:42,647 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [76234485] [2025-03-03 14:22:42,647 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:42,647 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:42,647 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:22:42,649 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:22:42,651 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2025-03-03 14:22:42,805 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 184 statements into 1 equivalence classes. [2025-03-03 14:22:42,922 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 184 of 184 statements. [2025-03-03 14:22:42,922 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:42,922 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:42,929 INFO L256 TraceCheckSpWp]: Trace formula consists of 1313 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:22:42,933 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:22:42,965 INFO L134 CoverageAnalysis]: Checked inductivity of 59 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 51 trivial. 0 not checked. [2025-03-03 14:22:42,965 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:22:42,965 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [76234485] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:42,965 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:22:42,967 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:22:42,967 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [199946994] [2025-03-03 14:22:42,967 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:42,967 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:22:42,967 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:42,968 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:22:42,968 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:22:42,968 INFO L87 Difference]: Start difference. First operand 1033 states and 1605 transitions. Second operand has 5 states, 5 states have (on average 21.4) internal successors, (107), 5 states have internal predecessors, (107), 3 states have call successors, (26), 2 states have call predecessors, (26), 3 states have return successors, (23), 3 states have call predecessors, (23), 3 states have call successors, (23) [2025-03-03 14:22:43,038 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:43,039 INFO L93 Difference]: Finished difference Result 2027 states and 3161 transitions. [2025-03-03 14:22:43,039 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:22:43,040 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 21.4) internal successors, (107), 5 states have internal predecessors, (107), 3 states have call successors, (26), 2 states have call predecessors, (26), 3 states have return successors, (23), 3 states have call predecessors, (23), 3 states have call successors, (23) Word has length 184 [2025-03-03 14:22:43,040 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:43,045 INFO L225 Difference]: With dead ends: 2027 [2025-03-03 14:22:43,046 INFO L226 Difference]: Without dead ends: 1039 [2025-03-03 14:22:43,049 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 188 GetRequests, 182 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:22:43,049 INFO L435 NwaCegarLoop]: 602 mSDtfsCounter, 1 mSDsluCounter, 1789 mSDsCounter, 0 mSdLazyCounter, 48 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2391 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 48 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:43,049 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2391 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 48 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:43,051 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1039 states. [2025-03-03 14:22:43,101 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1039 to 1037. [2025-03-03 14:22:43,103 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1037 states, 784 states have (on average 1.5497448979591837) internal successors, (1215), 803 states have internal predecessors, (1215), 182 states have call successors, (182), 60 states have call predecessors, (182), 70 states have return successors, (216), 179 states have call predecessors, (216), 180 states have call successors, (216) [2025-03-03 14:22:43,108 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1037 states to 1037 states and 1613 transitions. [2025-03-03 14:22:43,109 INFO L78 Accepts]: Start accepts. Automaton has 1037 states and 1613 transitions. Word has length 184 [2025-03-03 14:22:43,109 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:43,109 INFO L471 AbstractCegarLoop]: Abstraction has 1037 states and 1613 transitions. [2025-03-03 14:22:43,109 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 21.4) internal successors, (107), 5 states have internal predecessors, (107), 3 states have call successors, (26), 2 states have call predecessors, (26), 3 states have return successors, (23), 3 states have call predecessors, (23), 3 states have call successors, (23) [2025-03-03 14:22:43,109 INFO L276 IsEmpty]: Start isEmpty. Operand 1037 states and 1613 transitions. [2025-03-03 14:22:43,113 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 186 [2025-03-03 14:22:43,113 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:43,114 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:43,124 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Ended with exit code 0 [2025-03-03 14:22:43,318 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:43,318 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:43,319 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:43,319 INFO L85 PathProgramCache]: Analyzing trace with hash 1674072958, now seen corresponding path program 1 times [2025-03-03 14:22:43,319 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:43,319 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2068464585] [2025-03-03 14:22:43,319 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:43,319 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:43,337 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 185 statements into 1 equivalence classes. [2025-03-03 14:22:43,341 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 185 of 185 statements. [2025-03-03 14:22:43,341 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:43,341 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:43,409 INFO L134 CoverageAnalysis]: Checked inductivity of 60 backedges. 0 proven. 9 refuted. 0 times theorem prover too weak. 51 trivial. 0 not checked. [2025-03-03 14:22:43,409 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:43,409 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2068464585] [2025-03-03 14:22:43,409 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2068464585] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:22:43,409 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1496930629] [2025-03-03 14:22:43,410 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:43,410 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:22:43,410 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:22:43,412 INFO L229 MonitoredProcess]: Starting monitored process 9 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:22:43,413 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Waiting until timeout for monitored process [2025-03-03 14:22:43,579 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 185 statements into 1 equivalence classes. [2025-03-03 14:22:43,683 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 185 of 185 statements. [2025-03-03 14:22:43,684 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:43,684 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:43,688 INFO L256 TraceCheckSpWp]: Trace formula consists of 1314 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:22:43,692 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:22:43,713 INFO L134 CoverageAnalysis]: Checked inductivity of 60 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 58 trivial. 0 not checked. [2025-03-03 14:22:43,714 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:22:43,804 INFO L134 CoverageAnalysis]: Checked inductivity of 60 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 58 trivial. 0 not checked. [2025-03-03 14:22:43,804 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1496930629] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:22:43,804 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:22:43,804 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [5, 4, 4] total 9 [2025-03-03 14:22:43,804 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [585288510] [2025-03-03 14:22:43,804 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:22:43,805 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2025-03-03 14:22:43,805 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:43,806 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2025-03-03 14:22:43,806 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2025-03-03 14:22:43,806 INFO L87 Difference]: Start difference. First operand 1037 states and 1613 transitions. Second operand has 9 states, 9 states have (on average 18.88888888888889) internal successors, (170), 9 states have internal predecessors, (170), 3 states have call successors, (49), 2 states have call predecessors, (49), 3 states have return successors, (46), 3 states have call predecessors, (46), 3 states have call successors, (46) [2025-03-03 14:22:44,039 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:44,040 INFO L93 Difference]: Finished difference Result 2482 states and 3970 transitions. [2025-03-03 14:22:44,040 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2025-03-03 14:22:44,040 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 18.88888888888889) internal successors, (170), 9 states have internal predecessors, (170), 3 states have call successors, (49), 2 states have call predecessors, (49), 3 states have return successors, (46), 3 states have call predecessors, (46), 3 states have call successors, (46) Word has length 185 [2025-03-03 14:22:44,040 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:44,049 INFO L225 Difference]: With dead ends: 2482 [2025-03-03 14:22:44,049 INFO L226 Difference]: Without dead ends: 1698 [2025-03-03 14:22:44,051 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 374 GetRequests, 366 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=65, Unknown=0, NotChecked=0, Total=90 [2025-03-03 14:22:44,052 INFO L435 NwaCegarLoop]: 633 mSDtfsCounter, 542 mSDsluCounter, 2942 mSDsCounter, 0 mSdLazyCounter, 144 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 597 SdHoareTripleChecker+Valid, 3575 SdHoareTripleChecker+Invalid, 162 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 144 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:44,052 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [597 Valid, 3575 Invalid, 162 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 144 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2025-03-03 14:22:44,053 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1698 states. [2025-03-03 14:22:44,104 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1698 to 1650. [2025-03-03 14:22:44,107 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1650 states, 1278 states have (on average 1.6142410015649453) internal successors, (2063), 1289 states have internal predecessors, (2063), 305 states have call successors, (305), 59 states have call predecessors, (305), 66 states have return successors, (353), 307 states have call predecessors, (353), 303 states have call successors, (353) [2025-03-03 14:22:44,113 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1650 states to 1650 states and 2721 transitions. [2025-03-03 14:22:44,115 INFO L78 Accepts]: Start accepts. Automaton has 1650 states and 2721 transitions. Word has length 185 [2025-03-03 14:22:44,115 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:44,115 INFO L471 AbstractCegarLoop]: Abstraction has 1650 states and 2721 transitions. [2025-03-03 14:22:44,116 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 18.88888888888889) internal successors, (170), 9 states have internal predecessors, (170), 3 states have call successors, (49), 2 states have call predecessors, (49), 3 states have return successors, (46), 3 states have call predecessors, (46), 3 states have call successors, (46) [2025-03-03 14:22:44,116 INFO L276 IsEmpty]: Start isEmpty. Operand 1650 states and 2721 transitions. [2025-03-03 14:22:44,122 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 192 [2025-03-03 14:22:44,122 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:44,123 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:44,131 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (9)] Forceful destruction successful, exit code 0 [2025-03-03 14:22:44,324 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 9 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2025-03-03 14:22:44,324 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:44,325 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:44,326 INFO L85 PathProgramCache]: Analyzing trace with hash -1409742908, now seen corresponding path program 1 times [2025-03-03 14:22:44,326 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:44,326 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [223838019] [2025-03-03 14:22:44,326 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:44,326 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:44,343 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 191 statements into 1 equivalence classes. [2025-03-03 14:22:44,349 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 191 of 191 statements. [2025-03-03 14:22:44,349 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:44,349 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:44,384 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-03-03 14:22:44,384 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:44,384 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [223838019] [2025-03-03 14:22:44,384 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [223838019] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:44,385 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:44,385 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:22:44,385 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2114319218] [2025-03-03 14:22:44,385 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:44,385 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:22:44,385 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:44,386 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:22:44,386 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:44,386 INFO L87 Difference]: Start difference. First operand 1650 states and 2721 transitions. Second operand has 3 states, 3 states have (on average 38.666666666666664) internal successors, (116), 3 states have internal predecessors, (116), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:44,435 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:44,436 INFO L93 Difference]: Finished difference Result 3875 states and 6482 transitions. [2025-03-03 14:22:44,436 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:22:44,436 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 38.666666666666664) internal successors, (116), 3 states have internal predecessors, (116), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) Word has length 191 [2025-03-03 14:22:44,437 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:44,449 INFO L225 Difference]: With dead ends: 3875 [2025-03-03 14:22:44,449 INFO L226 Difference]: Without dead ends: 2295 [2025-03-03 14:22:44,456 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:44,456 INFO L435 NwaCegarLoop]: 629 mSDtfsCounter, 124 mSDsluCounter, 611 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1240 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:44,457 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1240 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:44,459 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2295 states. [2025-03-03 14:22:44,528 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2295 to 2279. [2025-03-03 14:22:44,532 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2279 states, 1780 states have (on average 1.6308988764044945) internal successors, (2903), 1785 states have internal predecessors, (2903), 432 states have call successors, (432), 59 states have call predecessors, (432), 66 states have return successors, (503), 440 states have call predecessors, (503), 430 states have call successors, (503) [2025-03-03 14:22:44,563 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2279 states to 2279 states and 3838 transitions. [2025-03-03 14:22:44,564 INFO L78 Accepts]: Start accepts. Automaton has 2279 states and 3838 transitions. Word has length 191 [2025-03-03 14:22:44,564 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:44,564 INFO L471 AbstractCegarLoop]: Abstraction has 2279 states and 3838 transitions. [2025-03-03 14:22:44,565 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 38.666666666666664) internal successors, (116), 3 states have internal predecessors, (116), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:44,565 INFO L276 IsEmpty]: Start isEmpty. Operand 2279 states and 3838 transitions. [2025-03-03 14:22:44,575 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 193 [2025-03-03 14:22:44,575 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:44,576 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:44,576 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:22:44,576 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:44,577 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:44,577 INFO L85 PathProgramCache]: Analyzing trace with hash -287746960, now seen corresponding path program 1 times [2025-03-03 14:22:44,577 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:44,577 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [935890993] [2025-03-03 14:22:44,577 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:44,577 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:44,595 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 192 statements into 1 equivalence classes. [2025-03-03 14:22:44,600 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 192 of 192 statements. [2025-03-03 14:22:44,600 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:44,600 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:44,632 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-03-03 14:22:44,632 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:44,632 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [935890993] [2025-03-03 14:22:44,632 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [935890993] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:44,632 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:44,633 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:22:44,633 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [512046234] [2025-03-03 14:22:44,633 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:44,633 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:22:44,633 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:44,633 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:22:44,634 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:44,634 INFO L87 Difference]: Start difference. First operand 2279 states and 3838 transitions. Second operand has 3 states, 3 states have (on average 39.0) internal successors, (117), 3 states have internal predecessors, (117), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:44,699 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:44,699 INFO L93 Difference]: Finished difference Result 5657 states and 9635 transitions. [2025-03-03 14:22:44,699 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:22:44,699 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 39.0) internal successors, (117), 3 states have internal predecessors, (117), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) Word has length 192 [2025-03-03 14:22:44,699 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:44,716 INFO L225 Difference]: With dead ends: 5657 [2025-03-03 14:22:44,716 INFO L226 Difference]: Without dead ends: 3503 [2025-03-03 14:22:44,725 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:44,725 INFO L435 NwaCegarLoop]: 618 mSDtfsCounter, 122 mSDsluCounter, 606 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1224 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:44,726 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1224 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:44,728 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 3503 states. [2025-03-03 14:22:44,853 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 3503 to 3487. [2025-03-03 14:22:44,864 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3487 states, 2750 states have (on average 1.6498181818181819) internal successors, (4537), 2755 states have internal predecessors, (4537), 670 states have call successors, (670), 59 states have call predecessors, (670), 66 states have return successors, (757), 678 states have call predecessors, (757), 668 states have call successors, (757) [2025-03-03 14:22:44,881 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3487 states to 3487 states and 5964 transitions. [2025-03-03 14:22:44,884 INFO L78 Accepts]: Start accepts. Automaton has 3487 states and 5964 transitions. Word has length 192 [2025-03-03 14:22:44,885 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:44,885 INFO L471 AbstractCegarLoop]: Abstraction has 3487 states and 5964 transitions. [2025-03-03 14:22:44,888 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 39.0) internal successors, (117), 3 states have internal predecessors, (117), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:44,889 INFO L276 IsEmpty]: Start isEmpty. Operand 3487 states and 5964 transitions. [2025-03-03 14:22:44,908 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 194 [2025-03-03 14:22:44,908 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:44,909 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:44,909 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:22:44,909 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:44,909 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:44,909 INFO L85 PathProgramCache]: Analyzing trace with hash -1677081277, now seen corresponding path program 1 times [2025-03-03 14:22:44,909 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:44,910 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [91951168] [2025-03-03 14:22:44,910 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:44,910 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:44,931 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 193 statements into 1 equivalence classes. [2025-03-03 14:22:44,939 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 193 of 193 statements. [2025-03-03 14:22:44,939 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:44,939 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:44,976 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-03-03 14:22:44,976 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:44,977 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [91951168] [2025-03-03 14:22:44,977 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [91951168] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:44,977 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:44,977 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:22:44,977 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1222985754] [2025-03-03 14:22:44,977 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:44,978 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:22:44,978 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:44,979 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:22:44,979 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:44,979 INFO L87 Difference]: Start difference. First operand 3487 states and 5964 transitions. Second operand has 3 states, 3 states have (on average 39.333333333333336) internal successors, (118), 3 states have internal predecessors, (118), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:45,094 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:45,094 INFO L93 Difference]: Finished difference Result 8288 states and 14306 transitions. [2025-03-03 14:22:45,095 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:22:45,095 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 39.333333333333336) internal successors, (118), 3 states have internal predecessors, (118), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) Word has length 193 [2025-03-03 14:22:45,095 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:45,124 INFO L225 Difference]: With dead ends: 8288 [2025-03-03 14:22:45,124 INFO L226 Difference]: Without dead ends: 5142 [2025-03-03 14:22:45,137 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:45,138 INFO L435 NwaCegarLoop]: 611 mSDtfsCounter, 120 mSDsluCounter, 602 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1213 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:45,138 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1213 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:45,142 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 5142 states. [2025-03-03 14:22:45,316 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 5142 to 5126. [2025-03-03 14:22:45,329 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5126 states, 4104 states have (on average 1.6600877192982457) internal successors, (6813), 4100 states have internal predecessors, (6813), 955 states have call successors, (955), 59 states have call predecessors, (955), 66 states have return successors, (1089), 972 states have call predecessors, (1089), 953 states have call successors, (1089) [2025-03-03 14:22:45,347 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5126 states to 5126 states and 8857 transitions. [2025-03-03 14:22:45,350 INFO L78 Accepts]: Start accepts. Automaton has 5126 states and 8857 transitions. Word has length 193 [2025-03-03 14:22:45,350 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:45,350 INFO L471 AbstractCegarLoop]: Abstraction has 5126 states and 8857 transitions. [2025-03-03 14:22:45,355 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 39.333333333333336) internal successors, (118), 3 states have internal predecessors, (118), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:45,355 INFO L276 IsEmpty]: Start isEmpty. Operand 5126 states and 8857 transitions. [2025-03-03 14:22:45,378 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 176 [2025-03-03 14:22:45,378 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:45,378 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:45,378 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:22:45,378 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:45,379 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:45,379 INFO L85 PathProgramCache]: Analyzing trace with hash -672990786, now seen corresponding path program 1 times [2025-03-03 14:22:45,379 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:45,379 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [18149737] [2025-03-03 14:22:45,379 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:45,379 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:45,393 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 175 statements into 1 equivalence classes. [2025-03-03 14:22:45,397 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 175 of 175 statements. [2025-03-03 14:22:45,397 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:45,397 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:45,425 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2025-03-03 14:22:45,426 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:45,426 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [18149737] [2025-03-03 14:22:45,426 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [18149737] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:45,426 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:45,426 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:22:45,426 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [296274871] [2025-03-03 14:22:45,426 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:45,426 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:22:45,426 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:45,427 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:22:45,427 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:45,427 INFO L87 Difference]: Start difference. First operand 5126 states and 8857 transitions. Second operand has 3 states, 3 states have (on average 37.333333333333336) internal successors, (112), 3 states have internal predecessors, (112), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:22:45,599 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:45,599 INFO L93 Difference]: Finished difference Result 12356 states and 21539 transitions. [2025-03-03 14:22:45,599 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:22:45,600 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 37.333333333333336) internal successors, (112), 3 states have internal predecessors, (112), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 175 [2025-03-03 14:22:45,600 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:45,636 INFO L225 Difference]: With dead ends: 12356 [2025-03-03 14:22:45,636 INFO L226 Difference]: Without dead ends: 7840 [2025-03-03 14:22:45,650 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:45,650 INFO L435 NwaCegarLoop]: 611 mSDtfsCounter, 118 mSDsluCounter, 602 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1213 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:45,651 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1213 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:45,656 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 7840 states. [2025-03-03 14:22:45,905 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 7840 to 7824. [2025-03-03 14:22:45,913 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7824 states, 6362 states have (on average 1.6689720213769255) internal successors, (10618), 6346 states have internal predecessors, (10618), 1395 states have call successors, (1395), 59 states have call predecessors, (1395), 66 states have return successors, (1608), 1424 states have call predecessors, (1608), 1393 states have call successors, (1608) [2025-03-03 14:22:45,934 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7824 states to 7824 states and 13621 transitions. [2025-03-03 14:22:45,938 INFO L78 Accepts]: Start accepts. Automaton has 7824 states and 13621 transitions. Word has length 175 [2025-03-03 14:22:45,938 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:45,938 INFO L471 AbstractCegarLoop]: Abstraction has 7824 states and 13621 transitions. [2025-03-03 14:22:45,938 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 37.333333333333336) internal successors, (112), 3 states have internal predecessors, (112), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:22:45,938 INFO L276 IsEmpty]: Start isEmpty. Operand 7824 states and 13621 transitions. [2025-03-03 14:22:45,970 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 196 [2025-03-03 14:22:45,970 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:45,970 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:45,970 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:22:45,970 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:45,971 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:45,971 INFO L85 PathProgramCache]: Analyzing trace with hash -647615518, now seen corresponding path program 1 times [2025-03-03 14:22:45,971 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:45,971 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [250931676] [2025-03-03 14:22:45,971 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:45,971 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:45,987 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 195 statements into 1 equivalence classes. [2025-03-03 14:22:45,992 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 195 of 195 statements. [2025-03-03 14:22:45,992 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:45,992 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:46,024 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-03-03 14:22:46,024 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:46,024 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [250931676] [2025-03-03 14:22:46,024 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [250931676] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:46,024 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:46,024 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:22:46,024 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2117077882] [2025-03-03 14:22:46,024 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:46,025 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:22:46,025 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:46,025 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:22:46,025 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:46,025 INFO L87 Difference]: Start difference. First operand 7824 states and 13621 transitions. Second operand has 3 states, 3 states have (on average 40.0) internal successors, (120), 3 states have internal predecessors, (120), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:46,290 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:46,290 INFO L93 Difference]: Finished difference Result 19762 states and 34640 transitions. [2025-03-03 14:22:46,290 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:22:46,290 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 40.0) internal successors, (120), 3 states have internal predecessors, (120), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) Word has length 195 [2025-03-03 14:22:46,291 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:46,349 INFO L225 Difference]: With dead ends: 19762 [2025-03-03 14:22:46,349 INFO L226 Difference]: Without dead ends: 12836 [2025-03-03 14:22:46,380 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:46,381 INFO L435 NwaCegarLoop]: 620 mSDtfsCounter, 116 mSDsluCounter, 607 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1227 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:46,381 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1227 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:46,392 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 12836 states. [2025-03-03 14:22:46,906 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 12836 to 12820. [2025-03-03 14:22:46,924 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12820 states, 10448 states have (on average 1.6685490045941807) internal successors, (17433), 10417 states have internal predecessors, (17433), 2305 states have call successors, (2305), 59 states have call predecessors, (2305), 66 states have return successors, (2657), 2349 states have call predecessors, (2657), 2303 states have call successors, (2657) [2025-03-03 14:22:46,960 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12820 states to 12820 states and 22395 transitions. [2025-03-03 14:22:46,967 INFO L78 Accepts]: Start accepts. Automaton has 12820 states and 22395 transitions. Word has length 195 [2025-03-03 14:22:46,968 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:46,968 INFO L471 AbstractCegarLoop]: Abstraction has 12820 states and 22395 transitions. [2025-03-03 14:22:46,968 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 40.0) internal successors, (120), 3 states have internal predecessors, (120), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:46,968 INFO L276 IsEmpty]: Start isEmpty. Operand 12820 states and 22395 transitions. [2025-03-03 14:22:47,052 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 197 [2025-03-03 14:22:47,053 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:47,053 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:47,053 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:22:47,053 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:47,056 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:47,056 INFO L85 PathProgramCache]: Analyzing trace with hash 652491762, now seen corresponding path program 1 times [2025-03-03 14:22:47,056 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:47,056 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1189774606] [2025-03-03 14:22:47,056 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:47,056 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:47,072 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 196 statements into 1 equivalence classes. [2025-03-03 14:22:47,077 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 196 of 196 statements. [2025-03-03 14:22:47,078 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:47,078 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:47,108 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-03-03 14:22:47,108 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:47,108 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1189774606] [2025-03-03 14:22:47,108 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1189774606] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:47,108 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:47,108 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:22:47,108 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2129017760] [2025-03-03 14:22:47,108 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:47,110 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:22:47,110 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:47,110 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:22:47,110 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:47,110 INFO L87 Difference]: Start difference. First operand 12820 states and 22395 transitions. Second operand has 3 states, 3 states have (on average 40.333333333333336) internal successors, (121), 3 states have internal predecessors, (121), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:47,502 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:47,502 INFO L93 Difference]: Finished difference Result 33710 states and 59216 transitions. [2025-03-03 14:22:47,503 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:22:47,503 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 40.333333333333336) internal successors, (121), 3 states have internal predecessors, (121), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) Word has length 196 [2025-03-03 14:22:47,503 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:47,588 INFO L225 Difference]: With dead ends: 33710 [2025-03-03 14:22:47,588 INFO L226 Difference]: Without dead ends: 22260 [2025-03-03 14:22:47,613 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:47,613 INFO L435 NwaCegarLoop]: 613 mSDtfsCounter, 114 mSDsluCounter, 605 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 132 SdHoareTripleChecker+Valid, 1218 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:47,613 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [132 Valid, 1218 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:47,634 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 22260 states. [2025-03-03 14:22:48,205 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 22260 to 22244. [2025-03-03 14:22:48,233 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 22244 states, 18228 states have (on average 1.6711103796357252) internal successors, (30461), 18197 states have internal predecessors, (30461), 3949 states have call successors, (3949), 59 states have call predecessors, (3949), 66 states have return successors, (4490), 3993 states have call predecessors, (4490), 3947 states have call successors, (4490) [2025-03-03 14:22:48,296 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 22244 states to 22244 states and 38900 transitions. [2025-03-03 14:22:48,306 INFO L78 Accepts]: Start accepts. Automaton has 22244 states and 38900 transitions. Word has length 196 [2025-03-03 14:22:48,306 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:48,307 INFO L471 AbstractCegarLoop]: Abstraction has 22244 states and 38900 transitions. [2025-03-03 14:22:48,307 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 40.333333333333336) internal successors, (121), 3 states have internal predecessors, (121), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:48,307 INFO L276 IsEmpty]: Start isEmpty. Operand 22244 states and 38900 transitions. [2025-03-03 14:22:48,380 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 198 [2025-03-03 14:22:48,381 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:48,381 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:48,381 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:22:48,381 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:48,381 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:48,381 INFO L85 PathProgramCache]: Analyzing trace with hash 615533089, now seen corresponding path program 1 times [2025-03-03 14:22:48,382 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:48,382 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [207127023] [2025-03-03 14:22:48,382 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:48,382 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:48,397 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 197 statements into 1 equivalence classes. [2025-03-03 14:22:48,402 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 197 of 197 statements. [2025-03-03 14:22:48,402 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:48,403 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:48,429 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-03-03 14:22:48,429 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:48,429 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [207127023] [2025-03-03 14:22:48,429 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [207127023] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:48,429 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:48,429 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:22:48,429 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1860237093] [2025-03-03 14:22:48,430 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:48,430 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:22:48,430 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:48,431 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:22:48,431 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:48,431 INFO L87 Difference]: Start difference. First operand 22244 states and 38900 transitions. Second operand has 3 states, 3 states have (on average 40.666666666666664) internal successors, (122), 3 states have internal predecessors, (122), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:49,275 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:49,275 INFO L93 Difference]: Finished difference Result 54117 states and 94654 transitions. [2025-03-03 14:22:49,275 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:22:49,276 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 40.666666666666664) internal successors, (122), 3 states have internal predecessors, (122), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) Word has length 197 [2025-03-03 14:22:49,276 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:49,451 INFO L225 Difference]: With dead ends: 54117 [2025-03-03 14:22:49,451 INFO L226 Difference]: Without dead ends: 34797 [2025-03-03 14:22:49,527 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:49,529 INFO L435 NwaCegarLoop]: 613 mSDtfsCounter, 112 mSDsluCounter, 577 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 1190 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:49,529 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 1190 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:49,558 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 34797 states. [2025-03-03 14:22:50,763 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 34797 to 34781. [2025-03-03 14:22:50,812 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 34781 states, 28434 states have (on average 1.6480621790813814) internal successors, (46861), 28385 states have internal predecessors, (46861), 6280 states have call successors, (6280), 59 states have call predecessors, (6280), 66 states have return successors, (7240), 6342 states have call predecessors, (7240), 6278 states have call successors, (7240) [2025-03-03 14:22:50,904 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 34781 states to 34781 states and 60381 transitions. [2025-03-03 14:22:50,919 INFO L78 Accepts]: Start accepts. Automaton has 34781 states and 60381 transitions. Word has length 197 [2025-03-03 14:22:50,920 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:50,920 INFO L471 AbstractCegarLoop]: Abstraction has 34781 states and 60381 transitions. [2025-03-03 14:22:50,921 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 40.666666666666664) internal successors, (122), 3 states have internal predecessors, (122), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:50,921 INFO L276 IsEmpty]: Start isEmpty. Operand 34781 states and 60381 transitions. [2025-03-03 14:22:51,213 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 199 [2025-03-03 14:22:51,213 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:51,213 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:51,213 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:22:51,213 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:51,214 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:51,214 INFO L85 PathProgramCache]: Analyzing trace with hash -1651075053, now seen corresponding path program 1 times [2025-03-03 14:22:51,214 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:51,214 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2072204419] [2025-03-03 14:22:51,214 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:51,214 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:51,232 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 198 statements into 1 equivalence classes. [2025-03-03 14:22:51,239 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 198 of 198 statements. [2025-03-03 14:22:51,240 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:51,240 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:51,273 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-03-03 14:22:51,273 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:51,274 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2072204419] [2025-03-03 14:22:51,274 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2072204419] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:51,274 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:51,274 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:22:51,274 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1057812467] [2025-03-03 14:22:51,274 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:51,274 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:22:51,274 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:51,275 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:22:51,275 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:51,275 INFO L87 Difference]: Start difference. First operand 34781 states and 60381 transitions. Second operand has 3 states, 3 states have (on average 41.0) internal successors, (123), 3 states have internal predecessors, (123), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:52,236 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:52,236 INFO L93 Difference]: Finished difference Result 93649 states and 163323 transitions. [2025-03-03 14:22:52,237 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:22:52,237 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 41.0) internal successors, (123), 3 states have internal predecessors, (123), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) Word has length 198 [2025-03-03 14:22:52,237 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:52,714 INFO L225 Difference]: With dead ends: 93649 [2025-03-03 14:22:52,714 INFO L226 Difference]: Without dead ends: 62593 [2025-03-03 14:22:52,831 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:52,832 INFO L435 NwaCegarLoop]: 611 mSDtfsCounter, 110 mSDsluCounter, 605 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1216 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:52,833 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1216 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:52,879 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62593 states. [2025-03-03 14:22:54,878 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62593 to 62577. [2025-03-03 14:22:54,964 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62577 states, 51430 states have (on average 1.64592650204161) internal successors, (84650), 51360 states have internal predecessors, (84650), 11080 states have call successors, (11080), 59 states have call predecessors, (11080), 66 states have return successors, (12847), 11163 states have call predecessors, (12847), 11078 states have call successors, (12847) [2025-03-03 14:22:55,157 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62577 states to 62577 states and 108577 transitions. [2025-03-03 14:22:55,180 INFO L78 Accepts]: Start accepts. Automaton has 62577 states and 108577 transitions. Word has length 198 [2025-03-03 14:22:55,182 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:22:55,182 INFO L471 AbstractCegarLoop]: Abstraction has 62577 states and 108577 transitions. [2025-03-03 14:22:55,182 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 41.0) internal successors, (123), 3 states have internal predecessors, (123), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:22:55,182 INFO L276 IsEmpty]: Start isEmpty. Operand 62577 states and 108577 transitions. [2025-03-03 14:22:55,347 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 181 [2025-03-03 14:22:55,348 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:22:55,348 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:22:55,348 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-03 14:22:55,349 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:22:55,349 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:22:55,349 INFO L85 PathProgramCache]: Analyzing trace with hash -41107665, now seen corresponding path program 1 times [2025-03-03 14:22:55,349 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:22:55,349 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1891287439] [2025-03-03 14:22:55,349 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:22:55,349 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:22:55,366 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 180 statements into 1 equivalence classes. [2025-03-03 14:22:55,373 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 180 of 180 statements. [2025-03-03 14:22:55,373 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:22:55,373 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:22:55,403 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2025-03-03 14:22:55,403 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:22:55,403 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1891287439] [2025-03-03 14:22:55,403 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1891287439] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:22:55,403 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:22:55,403 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:22:55,404 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2077884086] [2025-03-03 14:22:55,404 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:22:55,405 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:22:55,405 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:22:55,405 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:22:55,405 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:55,405 INFO L87 Difference]: Start difference. First operand 62577 states and 108577 transitions. Second operand has 3 states, 3 states have (on average 39.0) internal successors, (117), 3 states have internal predecessors, (117), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:22:58,144 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:22:58,146 INFO L93 Difference]: Finished difference Result 173221 states and 301123 transitions. [2025-03-03 14:22:58,147 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:22:58,147 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 39.0) internal successors, (117), 3 states have internal predecessors, (117), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 180 [2025-03-03 14:22:58,147 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:22:58,657 INFO L225 Difference]: With dead ends: 173221 [2025-03-03 14:22:58,657 INFO L226 Difference]: Without dead ends: 116148 [2025-03-03 14:22:58,974 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:22:58,976 INFO L435 NwaCegarLoop]: 611 mSDtfsCounter, 108 mSDsluCounter, 605 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 1216 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:22:58,976 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 1216 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:22:59,033 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 116148 states. [2025-03-03 14:23:02,494 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 116148 to 116132. [2025-03-03 14:23:02,633 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 116132 states, 95965 states have (on average 1.6419527952899495) internal successors, (157570), 95895 states have internal predecessors, (157570), 20100 states have call successors, (20100), 59 states have call predecessors, (20100), 66 states have return successors, (22931), 20183 states have call predecessors, (22931), 20098 states have call successors, (22931) [2025-03-03 14:23:03,346 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 116132 states to 116132 states and 200601 transitions. [2025-03-03 14:23:03,389 INFO L78 Accepts]: Start accepts. Automaton has 116132 states and 200601 transitions. Word has length 180 [2025-03-03 14:23:03,390 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:23:03,390 INFO L471 AbstractCegarLoop]: Abstraction has 116132 states and 200601 transitions. [2025-03-03 14:23:03,390 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 39.0) internal successors, (117), 3 states have internal predecessors, (117), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:23:03,390 INFO L276 IsEmpty]: Start isEmpty. Operand 116132 states and 200601 transitions. [2025-03-03 14:23:03,885 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 201 [2025-03-03 14:23:03,886 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:23:03,886 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:23:03,886 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable21 [2025-03-03 14:23:03,886 INFO L396 AbstractCegarLoop]: === Iteration 23 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:23:03,887 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:23:03,887 INFO L85 PathProgramCache]: Analyzing trace with hash -239121196, now seen corresponding path program 1 times [2025-03-03 14:23:03,887 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:23:03,887 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2007179786] [2025-03-03 14:23:03,887 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:23:03,887 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:23:03,903 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 200 statements into 1 equivalence classes. [2025-03-03 14:23:03,908 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 200 of 200 statements. [2025-03-03 14:23:03,908 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:23:03,909 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:23:03,935 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 54 trivial. 0 not checked. [2025-03-03 14:23:03,935 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:23:03,935 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2007179786] [2025-03-03 14:23:03,936 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2007179786] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:23:03,936 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:23:03,936 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:23:03,936 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2132794614] [2025-03-03 14:23:03,936 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:23:03,936 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:23:03,936 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:23:03,937 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:23:03,937 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:23:03,937 INFO L87 Difference]: Start difference. First operand 116132 states and 200601 transitions. Second operand has 3 states, 3 states have (on average 41.666666666666664) internal successors, (125), 3 states have internal predecessors, (125), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) [2025-03-03 14:23:07,407 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:23:07,407 INFO L93 Difference]: Finished difference Result 218385 states and 378160 transitions. [2025-03-03 14:23:07,407 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:23:07,408 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 41.666666666666664) internal successors, (125), 3 states have internal predecessors, (125), 2 states have call successors, (26), 2 states have call predecessors, (26), 1 states have return successors, (23), 2 states have call predecessors, (23), 2 states have call successors, (23) Word has length 200 [2025-03-03 14:23:07,408 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:23:08,139 INFO L225 Difference]: With dead ends: 218385 [2025-03-03 14:23:08,139 INFO L226 Difference]: Without dead ends: 217859 [2025-03-03 14:23:08,225 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:23:08,225 INFO L435 NwaCegarLoop]: 620 mSDtfsCounter, 103 mSDsluCounter, 610 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 1230 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:23:08,225 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 1230 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:23:08,367 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 217859 states.