./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec6_product34.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec6_product34.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4c8df6e468eecbce541189806946dc0233fe629a6f2a971a54d2c5d7914e97b3 --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:25:28,281 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:25:28,330 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:25:28,336 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:25:28,339 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:25:28,361 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:25:28,361 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:25:28,362 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:25:28,362 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:25:28,362 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:25:28,362 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:25:28,362 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:25:28,362 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:25:28,362 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:25:28,362 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:25:28,362 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:25:28,364 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:25:28,364 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:25:28,364 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:25:28,364 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:25:28,364 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:25:28,364 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:25:28,364 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:25:28,364 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:25:28,364 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:25:28,364 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:25:28,364 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:25:28,365 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:25:28,365 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:25:28,365 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:25:28,365 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:25:28,365 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:25:28,365 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:25:28,366 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:25:28,366 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:25:28,366 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:25:28,366 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:25:28,366 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:25:28,366 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:25:28,366 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:25:28,366 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:25:28,366 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:25:28,366 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:25:28,366 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4c8df6e468eecbce541189806946dc0233fe629a6f2a971a54d2c5d7914e97b3 [2025-03-03 14:25:28,597 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:25:28,606 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:25:28,607 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:25:28,608 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:25:28,608 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:25:28,609 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec6_product34.cil.c [2025-03-03 14:25:29,769 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c7bbda5f5/1b67075c498044b396a6880ac9bff05d/FLAGc7146775d [2025-03-03 14:25:30,106 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:25:30,106 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec6_product34.cil.c [2025-03-03 14:25:30,133 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c7bbda5f5/1b67075c498044b396a6880ac9bff05d/FLAGc7146775d [2025-03-03 14:25:30,321 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/c7bbda5f5/1b67075c498044b396a6880ac9bff05d [2025-03-03 14:25:30,325 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:25:30,326 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:25:30,327 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:25:30,328 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:25:30,331 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:25:30,331 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:30,332 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@144f26c2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30, skipping insertion in model container [2025-03-03 14:25:30,332 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:30,379 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:25:30,577 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec6_product34.cil.c[11485,11498] [2025-03-03 14:25:30,755 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:25:30,769 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:25:30,774 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [48] [2025-03-03 14:25:30,776 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EncryptDecrypt_spec.i","") [97] [2025-03-03 14:25:30,776 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [150] [2025-03-03 14:25:30,776 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [578] [2025-03-03 14:25:30,776 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [595] [2025-03-03 14:25:30,776 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [604] [2025-03-03 14:25:30,777 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [970] [2025-03-03 14:25:30,777 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [1369] [2025-03-03 14:25:30,777 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [1504] [2025-03-03 14:25:30,778 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [2576] [2025-03-03 14:25:30,778 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [2875] [2025-03-03 14:25:30,801 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec6_product34.cil.c[11485,11498] [2025-03-03 14:25:30,864 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:25:30,892 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:25:30,892 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30 WrapperNode [2025-03-03 14:25:30,892 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:25:30,893 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:25:30,893 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:25:30,893 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:25:30,898 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:30,915 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:30,953 INFO L138 Inliner]: procedures = 135, calls = 224, calls flagged for inlining = 63, calls inlined = 60, statements flattened = 1127 [2025-03-03 14:25:30,953 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:25:30,956 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:25:30,956 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:25:30,956 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:25:30,963 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:30,963 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:30,972 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:31,011 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:25:31,011 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:31,012 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:31,035 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:31,041 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:31,048 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:31,051 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:31,064 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:25:31,066 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:25:31,066 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:25:31,066 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:25:31,067 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (1/1) ... [2025-03-03 14:25:31,071 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:25:31,082 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:31,095 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:25:31,101 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:25:31,121 INFO L130 BoogieDeclarations]: Found specification of procedure getClientPrivateKey [2025-03-03 14:25:31,121 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientPrivateKey [2025-03-03 14:25:31,121 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:25:31,121 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:25:31,121 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:25:31,121 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:25:31,121 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:25:31,122 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:25:31,122 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:25:31,122 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:25:31,122 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:25:31,122 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:25:31,122 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:25:31,122 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:25:31,122 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailSignKey [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailSignKey [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure isSigned [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure isSigned [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure isKeyPairValid [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure isKeyPairValid [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure findPublicKey [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure findPublicKey [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:25:31,123 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:25:31,123 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:25:31,124 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:25:31,124 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:25:31,124 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:25:31,124 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:25:31,124 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:25:31,124 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:25:31,124 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:25:31,124 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:25:31,124 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:25:31,124 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:25:31,124 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:25:31,124 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:25:31,124 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:25:31,124 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:25:31,124 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:25:31,124 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:25:31,124 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:25:31,307 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:25:31,311 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:25:31,419 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1276: #res := ~retValue_acc~19; [2025-03-03 14:25:31,459 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L477: #res := ~retValue_acc~6; [2025-03-03 14:25:31,496 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2165-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~36#1; [2025-03-03 14:25:31,496 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2210: #res#1 := ~retValue_acc~37#1; [2025-03-03 14:25:31,534 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2434: #res := ~retValue_acc~40; [2025-03-03 14:25:31,689 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2506-1: getClientForwardReceiver_#res#1 := getClientForwardReceiver_~retValue_acc~41#1; [2025-03-03 14:25:31,690 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1350-1: isVerified_#res#1 := isVerified_~retValue_acc~21#1; [2025-03-03 14:25:31,690 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1013-1: getEmailId_#res#1 := getEmailId_~retValue_acc~12#1; [2025-03-03 14:25:31,690 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2553-1: getClientId_#res#1 := getClientId_~retValue_acc~42#1; [2025-03-03 14:25:31,697 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2118: #res := ~retValue_acc~35; [2025-03-03 14:25:31,714 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1501-1: createEmail_#res#1 := createEmail_~retValue_acc~25#1; [2025-03-03 14:25:31,723 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1662: #res := ~retValue_acc~29; [2025-03-03 14:25:31,736 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1202: #res := ~retValue_acc~17; [2025-03-03 14:25:31,770 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1239: #res := ~retValue_acc~18; [2025-03-03 14:25:31,777 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1313: #res := ~retValue_acc~20; [2025-03-03 14:25:31,800 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1087: #res := ~retValue_acc~14; [2025-03-03 14:25:31,849 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1988: #res := ~retValue_acc~33; [2025-03-03 14:25:32,073 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L434-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~3#1; [2025-03-03 14:25:32,073 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L452-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~5#1; [2025-03-03 14:25:32,073 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2273-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~38#1; [2025-03-03 14:25:32,073 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L94-1: valid_product_#res#1 := valid_product_~retValue_acc~1#1; [2025-03-03 14:25:32,073 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L443-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~4#1; [2025-03-03 14:25:32,073 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2380-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~39#1; [2025-03-03 14:25:32,078 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1050: #res := ~retValue_acc~13; [2025-03-03 14:25:32,086 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1457-1: isReadable__wrappee__Keys_#res#1 := isReadable__wrappee__Keys_~retValue_acc~22#1; [2025-03-03 14:25:32,086 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1477: #res#1 := ~retValue_acc~23#1; [2025-03-03 14:25:32,238 INFO L? ?]: Removed 588 outVars from TransFormulas that were not future-live. [2025-03-03 14:25:32,239 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:25:32,256 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:25:32,257 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:25:32,257 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:25:32 BoogieIcfgContainer [2025-03-03 14:25:32,257 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:25:32,259 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:25:32,259 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:25:32,262 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:25:32,262 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:25:30" (1/3) ... [2025-03-03 14:25:32,263 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6c8fe972 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:25:32, skipping insertion in model container [2025-03-03 14:25:32,263 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:25:30" (2/3) ... [2025-03-03 14:25:32,263 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6c8fe972 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:25:32, skipping insertion in model container [2025-03-03 14:25:32,263 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:25:32" (3/3) ... [2025-03-03 14:25:32,264 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec6_product34.cil.c [2025-03-03 14:25:32,274 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:25:32,277 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec6_product34.cil.c that has 29 procedures, 451 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:25:32,323 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:25:32,331 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@614b166e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:25:32,331 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:25:32,335 INFO L276 IsEmpty]: Start isEmpty. Operand has 451 states, 348 states have (on average 1.5316091954022988) internal successors, (533), 353 states have internal predecessors, (533), 73 states have call successors, (73), 28 states have call predecessors, (73), 28 states have return successors, (73), 72 states have call predecessors, (73), 73 states have call successors, (73) [2025-03-03 14:25:32,352 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 155 [2025-03-03 14:25:32,352 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:32,353 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:32,354 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:32,357 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:32,358 INFO L85 PathProgramCache]: Analyzing trace with hash -592114512, now seen corresponding path program 1 times [2025-03-03 14:25:32,362 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:32,363 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1125455316] [2025-03-03 14:25:32,363 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:32,363 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:32,453 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 154 statements into 1 equivalence classes. [2025-03-03 14:25:32,508 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 154 of 154 statements. [2025-03-03 14:25:32,509 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:32,509 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:33,058 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2025-03-03 14:25:33,059 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:33,059 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1125455316] [2025-03-03 14:25:33,059 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1125455316] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:33,060 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1681733169] [2025-03-03 14:25:33,060 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:33,060 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:33,060 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:33,063 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:33,064 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:25:33,265 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 154 statements into 1 equivalence classes. [2025-03-03 14:25:33,403 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 154 of 154 statements. [2025-03-03 14:25:33,403 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:33,403 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:33,409 INFO L256 TraceCheckSpWp]: Trace formula consists of 1298 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:25:33,417 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:33,435 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-03-03 14:25:33,435 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:25:33,435 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1681733169] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:33,435 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:25:33,436 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:25:33,438 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1327186169] [2025-03-03 14:25:33,438 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:33,441 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:25:33,441 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:33,458 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:25:33,458 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:33,461 INFO L87 Difference]: Start difference. First operand has 451 states, 348 states have (on average 1.5316091954022988) internal successors, (533), 353 states have internal predecessors, (533), 73 states have call successors, (73), 28 states have call predecessors, (73), 28 states have return successors, (73), 72 states have call predecessors, (73), 73 states have call successors, (73) Second operand has 2 states, 2 states have (on average 41.0) internal successors, (82), 2 states have internal predecessors, (82), 2 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:33,517 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:33,518 INFO L93 Difference]: Finished difference Result 710 states and 1050 transitions. [2025-03-03 14:25:33,519 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:25:33,520 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 41.0) internal successors, (82), 2 states have internal predecessors, (82), 2 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 154 [2025-03-03 14:25:33,520 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:33,529 INFO L225 Difference]: With dead ends: 710 [2025-03-03 14:25:33,529 INFO L226 Difference]: Without dead ends: 444 [2025-03-03 14:25:33,535 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 158 GetRequests, 155 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:33,539 INFO L435 NwaCegarLoop]: 676 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 676 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:33,540 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 676 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:33,551 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 444 states. [2025-03-03 14:25:33,583 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 444 to 444. [2025-03-03 14:25:33,587 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 444 states, 342 states have (on average 1.5292397660818713) internal successors, (523), 346 states have internal predecessors, (523), 73 states have call successors, (73), 28 states have call predecessors, (73), 28 states have return successors, (72), 71 states have call predecessors, (72), 72 states have call successors, (72) [2025-03-03 14:25:33,599 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 444 states to 444 states and 668 transitions. [2025-03-03 14:25:33,601 INFO L78 Accepts]: Start accepts. Automaton has 444 states and 668 transitions. Word has length 154 [2025-03-03 14:25:33,603 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:33,603 INFO L471 AbstractCegarLoop]: Abstraction has 444 states and 668 transitions. [2025-03-03 14:25:33,604 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 41.0) internal successors, (82), 2 states have internal predecessors, (82), 2 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:33,604 INFO L276 IsEmpty]: Start isEmpty. Operand 444 states and 668 transitions. [2025-03-03 14:25:33,611 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 156 [2025-03-03 14:25:33,611 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:33,613 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:33,621 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-03 14:25:33,814 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:25:33,814 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:33,815 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:33,815 INFO L85 PathProgramCache]: Analyzing trace with hash -2114922291, now seen corresponding path program 1 times [2025-03-03 14:25:33,815 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:33,816 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [700296254] [2025-03-03 14:25:33,816 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:33,816 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:33,854 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 155 statements into 1 equivalence classes. [2025-03-03 14:25:33,872 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 155 of 155 statements. [2025-03-03 14:25:33,872 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:33,872 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:34,115 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2025-03-03 14:25:34,115 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:34,115 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [700296254] [2025-03-03 14:25:34,115 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [700296254] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:34,115 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [495285222] [2025-03-03 14:25:34,115 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:34,115 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:34,115 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:34,118 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:34,120 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:25:34,282 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 155 statements into 1 equivalence classes. [2025-03-03 14:25:34,425 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 155 of 155 statements. [2025-03-03 14:25:34,425 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:34,425 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:34,430 INFO L256 TraceCheckSpWp]: Trace formula consists of 1299 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:25:34,439 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:34,476 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-03-03 14:25:34,476 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:25:34,476 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [495285222] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:34,476 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:25:34,476 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:25:34,476 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [412248592] [2025-03-03 14:25:34,476 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:34,477 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:34,477 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:34,478 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:34,478 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:25:34,478 INFO L87 Difference]: Start difference. First operand 444 states and 668 transitions. Second operand has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:34,528 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:34,528 INFO L93 Difference]: Finished difference Result 699 states and 1028 transitions. [2025-03-03 14:25:34,528 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:34,528 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 155 [2025-03-03 14:25:34,529 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:34,534 INFO L225 Difference]: With dead ends: 699 [2025-03-03 14:25:34,534 INFO L226 Difference]: Without dead ends: 446 [2025-03-03 14:25:34,535 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 159 GetRequests, 155 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:25:34,536 INFO L435 NwaCegarLoop]: 667 mSDtfsCounter, 0 mSDsluCounter, 665 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1332 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:34,536 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1332 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:34,538 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 446 states. [2025-03-03 14:25:34,563 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 446 to 446. [2025-03-03 14:25:34,564 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 446 states, 344 states have (on average 1.5261627906976745) internal successors, (525), 348 states have internal predecessors, (525), 73 states have call successors, (73), 28 states have call predecessors, (73), 28 states have return successors, (72), 71 states have call predecessors, (72), 72 states have call successors, (72) [2025-03-03 14:25:34,571 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 446 states to 446 states and 670 transitions. [2025-03-03 14:25:34,572 INFO L78 Accepts]: Start accepts. Automaton has 446 states and 670 transitions. Word has length 155 [2025-03-03 14:25:34,572 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:34,572 INFO L471 AbstractCegarLoop]: Abstraction has 446 states and 670 transitions. [2025-03-03 14:25:34,572 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:34,572 INFO L276 IsEmpty]: Start isEmpty. Operand 446 states and 670 transitions. [2025-03-03 14:25:34,576 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 142 [2025-03-03 14:25:34,576 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:34,576 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:34,585 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2025-03-03 14:25:34,776 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:25:34,777 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:34,777 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:34,777 INFO L85 PathProgramCache]: Analyzing trace with hash 706506500, now seen corresponding path program 1 times [2025-03-03 14:25:34,777 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:34,777 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1784995199] [2025-03-03 14:25:34,778 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:34,778 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:34,801 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 141 statements into 1 equivalence classes. [2025-03-03 14:25:34,807 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 141 of 141 statements. [2025-03-03 14:25:34,807 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:34,807 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:35,009 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-03 14:25:35,009 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:35,009 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1784995199] [2025-03-03 14:25:35,009 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1784995199] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:35,009 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [837204364] [2025-03-03 14:25:35,009 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:35,009 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:35,010 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:35,014 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:35,015 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:25:35,163 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 141 statements into 1 equivalence classes. [2025-03-03 14:25:35,275 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 141 of 141 statements. [2025-03-03 14:25:35,275 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:35,275 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:35,281 INFO L256 TraceCheckSpWp]: Trace formula consists of 1233 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:25:35,286 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:35,307 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2025-03-03 14:25:35,308 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:25:35,308 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [837204364] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:35,308 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:25:35,308 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:25:35,308 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1008960546] [2025-03-03 14:25:35,308 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:35,308 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:35,308 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:35,309 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:35,309 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:25:35,309 INFO L87 Difference]: Start difference. First operand 446 states and 670 transitions. Second operand has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:35,344 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:35,344 INFO L93 Difference]: Finished difference Result 939 states and 1431 transitions. [2025-03-03 14:25:35,344 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:35,345 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 141 [2025-03-03 14:25:35,345 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:35,347 INFO L225 Difference]: With dead ends: 939 [2025-03-03 14:25:35,348 INFO L226 Difference]: Without dead ends: 520 [2025-03-03 14:25:35,349 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 145 GetRequests, 141 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:25:35,349 INFO L435 NwaCegarLoop]: 682 mSDtfsCounter, 134 mSDsluCounter, 621 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 152 SdHoareTripleChecker+Valid, 1303 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:35,350 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [152 Valid, 1303 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:35,351 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 520 states. [2025-03-03 14:25:35,362 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 520 to 512. [2025-03-03 14:25:35,363 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 512 states, 396 states have (on average 1.547979797979798) internal successors, (613), 400 states have internal predecessors, (613), 87 states have call successors, (87), 28 states have call predecessors, (87), 28 states have return successors, (86), 85 states have call predecessors, (86), 86 states have call successors, (86) [2025-03-03 14:25:35,366 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 512 states to 512 states and 786 transitions. [2025-03-03 14:25:35,367 INFO L78 Accepts]: Start accepts. Automaton has 512 states and 786 transitions. Word has length 141 [2025-03-03 14:25:35,367 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:35,367 INFO L471 AbstractCegarLoop]: Abstraction has 512 states and 786 transitions. [2025-03-03 14:25:35,367 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:35,367 INFO L276 IsEmpty]: Start isEmpty. Operand 512 states and 786 transitions. [2025-03-03 14:25:35,369 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 143 [2025-03-03 14:25:35,369 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:35,369 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:35,377 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2025-03-03 14:25:35,574 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:35,574 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:35,574 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:35,575 INFO L85 PathProgramCache]: Analyzing trace with hash 1942089473, now seen corresponding path program 1 times [2025-03-03 14:25:35,575 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:35,575 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1001081928] [2025-03-03 14:25:35,575 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:35,575 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:35,597 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 142 statements into 1 equivalence classes. [2025-03-03 14:25:35,602 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 142 of 142 statements. [2025-03-03 14:25:35,602 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:35,602 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:35,727 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-03 14:25:35,727 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:35,727 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1001081928] [2025-03-03 14:25:35,727 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1001081928] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:35,727 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [326171887] [2025-03-03 14:25:35,727 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:35,727 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:35,727 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:35,729 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:35,731 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:25:35,875 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 142 statements into 1 equivalence classes. [2025-03-03 14:25:36,006 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 142 of 142 statements. [2025-03-03 14:25:36,006 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:36,006 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:36,011 INFO L256 TraceCheckSpWp]: Trace formula consists of 1238 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:25:36,015 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:36,056 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2025-03-03 14:25:36,056 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:25:36,057 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [326171887] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:36,057 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:25:36,057 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:25:36,057 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1770455524] [2025-03-03 14:25:36,057 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:36,057 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:25:36,057 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:36,058 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:25:36,058 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:25:36,058 INFO L87 Difference]: Start difference. First operand 512 states and 786 transitions. Second operand has 5 states, 4 states have (on average 22.5) internal successors, (90), 5 states have internal predecessors, (90), 3 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:36,110 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:36,110 INFO L93 Difference]: Finished difference Result 1015 states and 1562 transitions. [2025-03-03 14:25:36,110 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:25:36,111 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 22.5) internal successors, (90), 5 states have internal predecessors, (90), 3 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) Word has length 142 [2025-03-03 14:25:36,111 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:36,114 INFO L225 Difference]: With dead ends: 1015 [2025-03-03 14:25:36,114 INFO L226 Difference]: Without dead ends: 514 [2025-03-03 14:25:36,115 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 146 GetRequests, 140 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:25:36,116 INFO L435 NwaCegarLoop]: 660 mSDtfsCounter, 2 mSDsluCounter, 1969 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2629 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:36,116 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2629 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:36,117 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 514 states. [2025-03-03 14:25:36,130 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 514 to 514. [2025-03-03 14:25:36,131 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 514 states, 397 states have (on average 1.5465994962216625) internal successors, (614), 402 states have internal predecessors, (614), 87 states have call successors, (87), 28 states have call predecessors, (87), 29 states have return successors, (88), 85 states have call predecessors, (88), 86 states have call successors, (88) [2025-03-03 14:25:36,138 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 514 states to 514 states and 789 transitions. [2025-03-03 14:25:36,138 INFO L78 Accepts]: Start accepts. Automaton has 514 states and 789 transitions. Word has length 142 [2025-03-03 14:25:36,139 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:36,139 INFO L471 AbstractCegarLoop]: Abstraction has 514 states and 789 transitions. [2025-03-03 14:25:36,139 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 22.5) internal successors, (90), 5 states have internal predecessors, (90), 3 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:36,139 INFO L276 IsEmpty]: Start isEmpty. Operand 514 states and 789 transitions. [2025-03-03 14:25:36,141 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 163 [2025-03-03 14:25:36,141 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:36,142 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:36,150 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2025-03-03 14:25:36,342 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:36,342 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:36,343 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:36,343 INFO L85 PathProgramCache]: Analyzing trace with hash -1943953057, now seen corresponding path program 1 times [2025-03-03 14:25:36,343 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:36,343 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [268393433] [2025-03-03 14:25:36,343 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:36,343 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:36,362 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 162 statements into 1 equivalence classes. [2025-03-03 14:25:36,368 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 162 of 162 statements. [2025-03-03 14:25:36,368 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:36,368 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:36,501 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:36,501 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:36,501 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [268393433] [2025-03-03 14:25:36,501 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [268393433] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:36,501 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1518455256] [2025-03-03 14:25:36,501 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:36,501 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:36,502 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:36,503 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:36,505 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:25:36,656 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 162 statements into 1 equivalence classes. [2025-03-03 14:25:36,769 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 162 of 162 statements. [2025-03-03 14:25:36,769 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:36,769 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:36,777 INFO L256 TraceCheckSpWp]: Trace formula consists of 1317 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:25:36,780 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:36,829 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2025-03-03 14:25:36,829 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:25:36,829 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1518455256] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:36,829 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:25:36,829 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:25:36,829 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [573831741] [2025-03-03 14:25:36,830 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:36,830 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:25:36,830 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:36,830 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:25:36,830 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:25:36,831 INFO L87 Difference]: Start difference. First operand 514 states and 789 transitions. Second operand has 5 states, 5 states have (on average 19.8) internal successors, (99), 5 states have internal predecessors, (99), 3 states have call successors, (24), 2 states have call predecessors, (24), 3 states have return successors, (21), 3 states have call predecessors, (21), 3 states have call successors, (21) [2025-03-03 14:25:36,892 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:36,892 INFO L93 Difference]: Finished difference Result 1017 states and 1567 transitions. [2025-03-03 14:25:36,893 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:25:36,893 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 19.8) internal successors, (99), 5 states have internal predecessors, (99), 3 states have call successors, (24), 2 states have call predecessors, (24), 3 states have return successors, (21), 3 states have call predecessors, (21), 3 states have call successors, (21) Word has length 162 [2025-03-03 14:25:36,893 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:36,898 INFO L225 Difference]: With dead ends: 1017 [2025-03-03 14:25:36,898 INFO L226 Difference]: Without dead ends: 516 [2025-03-03 14:25:36,900 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 169 GetRequests, 160 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:25:36,901 INFO L435 NwaCegarLoop]: 658 mSDtfsCounter, 2 mSDsluCounter, 1957 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2615 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:36,902 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2615 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:36,902 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 516 states. [2025-03-03 14:25:36,915 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 516 to 516. [2025-03-03 14:25:36,916 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 516 states, 398 states have (on average 1.5452261306532664) internal successors, (615), 404 states have internal predecessors, (615), 87 states have call successors, (87), 28 states have call predecessors, (87), 30 states have return successors, (93), 85 states have call predecessors, (93), 86 states have call successors, (93) [2025-03-03 14:25:36,919 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 516 states to 516 states and 795 transitions. [2025-03-03 14:25:36,919 INFO L78 Accepts]: Start accepts. Automaton has 516 states and 795 transitions. Word has length 162 [2025-03-03 14:25:36,919 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:36,919 INFO L471 AbstractCegarLoop]: Abstraction has 516 states and 795 transitions. [2025-03-03 14:25:36,920 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 19.8) internal successors, (99), 5 states have internal predecessors, (99), 3 states have call successors, (24), 2 states have call predecessors, (24), 3 states have return successors, (21), 3 states have call predecessors, (21), 3 states have call successors, (21) [2025-03-03 14:25:36,920 INFO L276 IsEmpty]: Start isEmpty. Operand 516 states and 795 transitions. [2025-03-03 14:25:36,922 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 145 [2025-03-03 14:25:36,922 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:36,922 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:36,930 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2025-03-03 14:25:37,122 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:37,123 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:37,123 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:37,123 INFO L85 PathProgramCache]: Analyzing trace with hash -1694499034, now seen corresponding path program 1 times [2025-03-03 14:25:37,123 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:37,123 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [279899542] [2025-03-03 14:25:37,123 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:37,123 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:37,144 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 144 statements into 1 equivalence classes. [2025-03-03 14:25:37,149 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 144 of 144 statements. [2025-03-03 14:25:37,149 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:37,149 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:37,274 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-03 14:25:37,274 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:37,274 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [279899542] [2025-03-03 14:25:37,274 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [279899542] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:37,274 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:37,274 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:25:37,274 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [565074569] [2025-03-03 14:25:37,275 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:37,275 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:25:37,275 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:37,275 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:25:37,275 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:37,276 INFO L87 Difference]: Start difference. First operand 516 states and 795 transitions. Second operand has 5 states, 4 states have (on average 22.0) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:37,319 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:37,319 INFO L93 Difference]: Finished difference Result 1009 states and 1558 transitions. [2025-03-03 14:25:37,319 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:25:37,320 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 22.0) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) Word has length 144 [2025-03-03 14:25:37,320 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:37,323 INFO L225 Difference]: With dead ends: 1009 [2025-03-03 14:25:37,324 INFO L226 Difference]: Without dead ends: 516 [2025-03-03 14:25:37,325 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:37,326 INFO L435 NwaCegarLoop]: 661 mSDtfsCounter, 2 mSDsluCounter, 1972 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2633 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:37,327 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2633 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:37,329 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 516 states. [2025-03-03 14:25:37,348 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 516 to 516. [2025-03-03 14:25:37,349 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 516 states, 398 states have (on average 1.5452261306532664) internal successors, (615), 404 states have internal predecessors, (615), 87 states have call successors, (87), 28 states have call predecessors, (87), 30 states have return successors, (92), 85 states have call predecessors, (92), 86 states have call successors, (92) [2025-03-03 14:25:37,352 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 516 states to 516 states and 794 transitions. [2025-03-03 14:25:37,353 INFO L78 Accepts]: Start accepts. Automaton has 516 states and 794 transitions. Word has length 144 [2025-03-03 14:25:37,353 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:37,353 INFO L471 AbstractCegarLoop]: Abstraction has 516 states and 794 transitions. [2025-03-03 14:25:37,353 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 22.0) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:37,354 INFO L276 IsEmpty]: Start isEmpty. Operand 516 states and 794 transitions. [2025-03-03 14:25:37,357 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 146 [2025-03-03 14:25:37,357 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:37,357 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:37,357 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:25:37,357 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:37,358 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:37,358 INFO L85 PathProgramCache]: Analyzing trace with hash 298073549, now seen corresponding path program 2 times [2025-03-03 14:25:37,358 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:37,358 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [105281761] [2025-03-03 14:25:37,358 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:25:37,358 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:37,380 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 145 statements into 2 equivalence classes. [2025-03-03 14:25:37,394 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 145 of 145 statements. [2025-03-03 14:25:37,394 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-03 14:25:37,394 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:37,505 INFO L134 CoverageAnalysis]: Checked inductivity of 39 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 33 trivial. 0 not checked. [2025-03-03 14:25:37,505 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:37,505 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [105281761] [2025-03-03 14:25:37,506 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [105281761] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:37,506 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:37,506 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:25:37,506 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [289630992] [2025-03-03 14:25:37,506 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:37,506 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:25:37,506 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:37,507 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:25:37,507 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:37,507 INFO L87 Difference]: Start difference. First operand 516 states and 794 transitions. Second operand has 5 states, 5 states have (on average 17.6) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:37,563 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:37,563 INFO L93 Difference]: Finished difference Result 1007 states and 1553 transitions. [2025-03-03 14:25:37,564 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:25:37,564 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 17.6) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 145 [2025-03-03 14:25:37,565 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:37,569 INFO L225 Difference]: With dead ends: 1007 [2025-03-03 14:25:37,569 INFO L226 Difference]: Without dead ends: 516 [2025-03-03 14:25:37,570 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:37,571 INFO L435 NwaCegarLoop]: 659 mSDtfsCounter, 2 mSDsluCounter, 1960 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2619 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:37,572 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2619 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:37,573 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 516 states. [2025-03-03 14:25:37,589 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 516 to 516. [2025-03-03 14:25:37,590 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 516 states, 398 states have (on average 1.5452261306532664) internal successors, (615), 404 states have internal predecessors, (615), 87 states have call successors, (87), 28 states have call predecessors, (87), 30 states have return successors, (91), 85 states have call predecessors, (91), 86 states have call successors, (91) [2025-03-03 14:25:37,593 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 516 states to 516 states and 793 transitions. [2025-03-03 14:25:37,594 INFO L78 Accepts]: Start accepts. Automaton has 516 states and 793 transitions. Word has length 145 [2025-03-03 14:25:37,594 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:37,594 INFO L471 AbstractCegarLoop]: Abstraction has 516 states and 793 transitions. [2025-03-03 14:25:37,594 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 17.6) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:37,594 INFO L276 IsEmpty]: Start isEmpty. Operand 516 states and 793 transitions. [2025-03-03 14:25:37,596 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 166 [2025-03-03 14:25:37,596 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:37,596 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:37,597 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:25:37,597 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:37,597 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:37,597 INFO L85 PathProgramCache]: Analyzing trace with hash -950536638, now seen corresponding path program 1 times [2025-03-03 14:25:37,597 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:37,597 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [707378280] [2025-03-03 14:25:37,597 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:37,597 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:37,617 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 165 statements into 1 equivalence classes. [2025-03-03 14:25:37,622 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 165 of 165 statements. [2025-03-03 14:25:37,622 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:37,623 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:37,768 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2025-03-03 14:25:37,768 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:37,768 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [707378280] [2025-03-03 14:25:37,769 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [707378280] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:37,769 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:37,769 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:25:37,769 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [557684415] [2025-03-03 14:25:37,769 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:37,769 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:25:37,769 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:37,770 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:25:37,770 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:37,770 INFO L87 Difference]: Start difference. First operand 516 states and 793 transitions. Second operand has 5 states, 4 states have (on average 24.0) internal successors, (96), 5 states have internal predecessors, (96), 3 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 3 states have call successors, (21) [2025-03-03 14:25:37,814 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:37,814 INFO L93 Difference]: Finished difference Result 1011 states and 1559 transitions. [2025-03-03 14:25:37,815 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:25:37,815 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 24.0) internal successors, (96), 5 states have internal predecessors, (96), 3 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 3 states have call successors, (21) Word has length 165 [2025-03-03 14:25:37,816 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:37,819 INFO L225 Difference]: With dead ends: 1011 [2025-03-03 14:25:37,819 INFO L226 Difference]: Without dead ends: 518 [2025-03-03 14:25:37,820 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:37,821 INFO L435 NwaCegarLoop]: 662 mSDtfsCounter, 1 mSDsluCounter, 1974 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2636 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:37,821 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2636 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:37,822 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 518 states. [2025-03-03 14:25:37,837 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 518 to 518. [2025-03-03 14:25:37,838 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 518 states, 399 states have (on average 1.543859649122807) internal successors, (616), 406 states have internal predecessors, (616), 87 states have call successors, (87), 28 states have call predecessors, (87), 31 states have return successors, (93), 85 states have call predecessors, (93), 86 states have call successors, (93) [2025-03-03 14:25:37,841 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 518 states to 518 states and 796 transitions. [2025-03-03 14:25:37,841 INFO L78 Accepts]: Start accepts. Automaton has 518 states and 796 transitions. Word has length 165 [2025-03-03 14:25:37,842 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:37,842 INFO L471 AbstractCegarLoop]: Abstraction has 518 states and 796 transitions. [2025-03-03 14:25:37,842 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 24.0) internal successors, (96), 5 states have internal predecessors, (96), 3 states have call successors, (24), 2 states have call predecessors, (24), 2 states have return successors, (21), 2 states have call predecessors, (21), 3 states have call successors, (21) [2025-03-03 14:25:37,842 INFO L276 IsEmpty]: Start isEmpty. Operand 518 states and 796 transitions. [2025-03-03 14:25:37,844 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 148 [2025-03-03 14:25:37,844 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:37,844 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:37,844 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:25:37,844 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:37,845 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:37,845 INFO L85 PathProgramCache]: Analyzing trace with hash -973768334, now seen corresponding path program 1 times [2025-03-03 14:25:37,845 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:37,845 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [884514126] [2025-03-03 14:25:37,845 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:37,845 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:37,868 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 147 statements into 1 equivalence classes. [2025-03-03 14:25:37,873 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 147 of 147 statements. [2025-03-03 14:25:37,873 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:37,873 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:37,962 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 33 trivial. 0 not checked. [2025-03-03 14:25:37,962 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:37,963 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [884514126] [2025-03-03 14:25:37,964 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [884514126] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:37,964 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:37,964 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:25:37,964 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1509034020] [2025-03-03 14:25:37,964 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:37,965 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:25:37,965 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:37,965 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:25:37,965 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:37,965 INFO L87 Difference]: Start difference. First operand 518 states and 796 transitions. Second operand has 5 states, 4 states have (on average 22.5) internal successors, (90), 5 states have internal predecessors, (90), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:38,016 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:38,017 INFO L93 Difference]: Finished difference Result 1013 states and 1562 transitions. [2025-03-03 14:25:38,017 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:25:38,017 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 22.5) internal successors, (90), 5 states have internal predecessors, (90), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) Word has length 147 [2025-03-03 14:25:38,018 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:38,021 INFO L225 Difference]: With dead ends: 1013 [2025-03-03 14:25:38,021 INFO L226 Difference]: Without dead ends: 520 [2025-03-03 14:25:38,023 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:25:38,024 INFO L435 NwaCegarLoop]: 660 mSDtfsCounter, 0 mSDsluCounter, 1969 mSDsCounter, 0 mSdLazyCounter, 35 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1 SdHoareTripleChecker+Valid, 2629 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 35 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:38,024 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1 Valid, 2629 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 35 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:38,025 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 520 states. [2025-03-03 14:25:38,039 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 520 to 518. [2025-03-03 14:25:38,041 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 518 states, 399 states have (on average 1.543859649122807) internal successors, (616), 406 states have internal predecessors, (616), 87 states have call successors, (87), 28 states have call predecessors, (87), 31 states have return successors, (93), 85 states have call predecessors, (93), 86 states have call successors, (93) [2025-03-03 14:25:38,044 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 518 states to 518 states and 796 transitions. [2025-03-03 14:25:38,045 INFO L78 Accepts]: Start accepts. Automaton has 518 states and 796 transitions. Word has length 147 [2025-03-03 14:25:38,045 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:38,045 INFO L471 AbstractCegarLoop]: Abstraction has 518 states and 796 transitions. [2025-03-03 14:25:38,045 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 22.5) internal successors, (90), 5 states have internal predecessors, (90), 3 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 3 states have call successors, (18) [2025-03-03 14:25:38,045 INFO L276 IsEmpty]: Start isEmpty. Operand 518 states and 796 transitions. [2025-03-03 14:25:38,047 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 148 [2025-03-03 14:25:38,047 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:38,047 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:38,047 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:25:38,048 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:38,048 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:38,048 INFO L85 PathProgramCache]: Analyzing trace with hash -150086863, now seen corresponding path program 1 times [2025-03-03 14:25:38,048 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:38,048 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2102064088] [2025-03-03 14:25:38,048 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:38,048 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:38,068 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 147 statements into 1 equivalence classes. [2025-03-03 14:25:38,073 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 147 of 147 statements. [2025-03-03 14:25:38,073 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:38,073 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:38,199 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2025-03-03 14:25:38,200 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:38,200 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2102064088] [2025-03-03 14:25:38,200 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2102064088] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:38,200 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:38,200 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:25:38,200 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1488972481] [2025-03-03 14:25:38,200 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:38,200 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:25:38,200 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:38,201 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:25:38,201 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:25:38,201 INFO L87 Difference]: Start difference. First operand 518 states and 796 transitions. Second operand has 8 states, 7 states have (on average 13.428571428571429) internal successors, (94), 8 states have internal predecessors, (94), 4 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 3 states have call predecessors, (18), 4 states have call successors, (18) [2025-03-03 14:25:38,346 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:38,347 INFO L93 Difference]: Finished difference Result 1018 states and 1571 transitions. [2025-03-03 14:25:38,347 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-03 14:25:38,347 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 13.428571428571429) internal successors, (94), 8 states have internal predecessors, (94), 4 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 3 states have call predecessors, (18), 4 states have call successors, (18) Word has length 147 [2025-03-03 14:25:38,348 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:38,352 INFO L225 Difference]: With dead ends: 1018 [2025-03-03 14:25:38,353 INFO L226 Difference]: Without dead ends: 525 [2025-03-03 14:25:38,355 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2025-03-03 14:25:38,356 INFO L435 NwaCegarLoop]: 654 mSDtfsCounter, 5 mSDsluCounter, 3895 mSDsCounter, 0 mSdLazyCounter, 164 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 6 SdHoareTripleChecker+Valid, 4549 SdHoareTripleChecker+Invalid, 169 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 164 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:38,356 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [6 Valid, 4549 Invalid, 169 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 164 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:25:38,357 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 525 states. [2025-03-03 14:25:38,374 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 525 to 523. [2025-03-03 14:25:38,375 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 523 states, 403 states have (on average 1.5409429280397022) internal successors, (621), 410 states have internal predecessors, (621), 87 states have call successors, (87), 29 states have call predecessors, (87), 32 states have return successors, (98), 85 states have call predecessors, (98), 86 states have call successors, (98) [2025-03-03 14:25:38,378 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 523 states to 523 states and 806 transitions. [2025-03-03 14:25:38,380 INFO L78 Accepts]: Start accepts. Automaton has 523 states and 806 transitions. Word has length 147 [2025-03-03 14:25:38,380 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:38,380 INFO L471 AbstractCegarLoop]: Abstraction has 523 states and 806 transitions. [2025-03-03 14:25:38,380 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 13.428571428571429) internal successors, (94), 8 states have internal predecessors, (94), 4 states have call successors, (21), 2 states have call predecessors, (21), 3 states have return successors, (18), 3 states have call predecessors, (18), 4 states have call successors, (18) [2025-03-03 14:25:38,380 INFO L276 IsEmpty]: Start isEmpty. Operand 523 states and 806 transitions. [2025-03-03 14:25:38,384 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 149 [2025-03-03 14:25:38,385 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:38,385 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:38,385 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2025-03-03 14:25:38,385 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:38,385 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:38,386 INFO L85 PathProgramCache]: Analyzing trace with hash 1406247360, now seen corresponding path program 1 times [2025-03-03 14:25:38,386 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:38,386 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [889879127] [2025-03-03 14:25:38,386 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:38,386 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:38,406 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 148 statements into 1 equivalence classes. [2025-03-03 14:25:38,414 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 148 of 148 statements. [2025-03-03 14:25:38,414 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:38,414 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:38,495 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:38,495 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:38,495 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [889879127] [2025-03-03 14:25:38,495 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [889879127] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:38,495 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [261692219] [2025-03-03 14:25:38,495 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:38,495 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:38,496 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:38,497 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:38,499 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:25:38,655 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 148 statements into 1 equivalence classes. [2025-03-03 14:25:38,760 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 148 of 148 statements. [2025-03-03 14:25:38,760 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:38,760 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:38,765 INFO L256 TraceCheckSpWp]: Trace formula consists of 1244 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:25:38,768 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:38,785 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:38,785 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:25:38,868 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:38,869 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [261692219] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:25:38,869 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:25:38,869 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-03 14:25:38,869 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [200684910] [2025-03-03 14:25:38,869 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:25:38,869 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-03 14:25:38,871 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:38,871 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-03 14:25:38,871 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:25:38,872 INFO L87 Difference]: Start difference. First operand 523 states and 806 transitions. Second operand has 7 states, 7 states have (on average 18.571428571428573) internal successors, (130), 7 states have internal predecessors, (130), 2 states have call successors, (33), 2 states have call predecessors, (33), 2 states have return successors, (30), 2 states have call predecessors, (30), 2 states have call successors, (30) [2025-03-03 14:25:39,010 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:39,011 INFO L93 Difference]: Finished difference Result 1213 states and 1932 transitions. [2025-03-03 14:25:39,011 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:25:39,011 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 18.571428571428573) internal successors, (130), 7 states have internal predecessors, (130), 2 states have call successors, (33), 2 states have call predecessors, (33), 2 states have return successors, (30), 2 states have call predecessors, (30), 2 states have call successors, (30) Word has length 148 [2025-03-03 14:25:39,012 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:39,017 INFO L225 Difference]: With dead ends: 1213 [2025-03-03 14:25:39,017 INFO L226 Difference]: Without dead ends: 960 [2025-03-03 14:25:39,018 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 298 GetRequests, 293 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:25:39,019 INFO L435 NwaCegarLoop]: 699 mSDtfsCounter, 521 mSDsluCounter, 1790 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 575 SdHoareTripleChecker+Valid, 2489 SdHoareTripleChecker+Invalid, 99 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:39,019 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [575 Valid, 2489 Invalid, 99 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:25:39,020 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 960 states. [2025-03-03 14:25:39,041 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 960 to 936. [2025-03-03 14:25:39,043 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 936 states, 737 states have (on average 1.6132971506105835) internal successors, (1189), 744 states have internal predecessors, (1189), 166 states have call successors, (166), 29 states have call predecessors, (166), 32 states have return successors, (187), 164 states have call predecessors, (187), 165 states have call successors, (187) [2025-03-03 14:25:39,047 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 936 states to 936 states and 1542 transitions. [2025-03-03 14:25:39,049 INFO L78 Accepts]: Start accepts. Automaton has 936 states and 1542 transitions. Word has length 148 [2025-03-03 14:25:39,049 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:39,049 INFO L471 AbstractCegarLoop]: Abstraction has 936 states and 1542 transitions. [2025-03-03 14:25:39,049 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 18.571428571428573) internal successors, (130), 7 states have internal predecessors, (130), 2 states have call successors, (33), 2 states have call predecessors, (33), 2 states have return successors, (30), 2 states have call predecessors, (30), 2 states have call successors, (30) [2025-03-03 14:25:39,050 INFO L276 IsEmpty]: Start isEmpty. Operand 936 states and 1542 transitions. [2025-03-03 14:25:39,053 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 155 [2025-03-03 14:25:39,053 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:39,054 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:39,061 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2025-03-03 14:25:39,254 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:39,255 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:39,255 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:39,255 INFO L85 PathProgramCache]: Analyzing trace with hash 7901952, now seen corresponding path program 1 times [2025-03-03 14:25:39,256 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:39,256 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2107542308] [2025-03-03 14:25:39,256 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:39,256 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:39,274 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 154 statements into 1 equivalence classes. [2025-03-03 14:25:39,282 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 154 of 154 statements. [2025-03-03 14:25:39,282 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:39,282 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:39,312 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:39,313 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:39,313 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2107542308] [2025-03-03 14:25:39,313 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2107542308] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:39,313 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:39,313 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:39,313 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [566988837] [2025-03-03 14:25:39,313 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:39,313 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:39,313 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:39,314 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:39,314 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:39,314 INFO L87 Difference]: Start difference. First operand 936 states and 1542 transitions. Second operand has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:39,380 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:39,380 INFO L93 Difference]: Finished difference Result 2221 states and 3714 transitions. [2025-03-03 14:25:39,381 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:39,381 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 154 [2025-03-03 14:25:39,381 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:39,388 INFO L225 Difference]: With dead ends: 2221 [2025-03-03 14:25:39,388 INFO L226 Difference]: Without dead ends: 1354 [2025-03-03 14:25:39,391 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:39,392 INFO L435 NwaCegarLoop]: 685 mSDtfsCounter, 132 mSDsluCounter, 666 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 1351 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:39,392 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 1351 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:39,393 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1354 states. [2025-03-03 14:25:39,427 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1354 to 1346. [2025-03-03 14:25:39,430 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1346 states, 1068 states have (on average 1.6329588014981273) internal successors, (1744), 1075 states have internal predecessors, (1744), 245 states have call successors, (245), 29 states have call predecessors, (245), 32 states have return successors, (276), 243 states have call predecessors, (276), 244 states have call successors, (276) [2025-03-03 14:25:39,437 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1346 states to 1346 states and 2265 transitions. [2025-03-03 14:25:39,438 INFO L78 Accepts]: Start accepts. Automaton has 1346 states and 2265 transitions. Word has length 154 [2025-03-03 14:25:39,439 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:39,439 INFO L471 AbstractCegarLoop]: Abstraction has 1346 states and 2265 transitions. [2025-03-03 14:25:39,439 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:39,439 INFO L276 IsEmpty]: Start isEmpty. Operand 1346 states and 2265 transitions. [2025-03-03 14:25:39,445 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 156 [2025-03-03 14:25:39,445 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:39,446 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:39,446 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-03 14:25:39,446 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:39,446 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:39,446 INFO L85 PathProgramCache]: Analyzing trace with hash 232599716, now seen corresponding path program 1 times [2025-03-03 14:25:39,447 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:39,447 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1946429430] [2025-03-03 14:25:39,447 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:39,447 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:39,463 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 155 statements into 1 equivalence classes. [2025-03-03 14:25:39,469 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 155 of 155 statements. [2025-03-03 14:25:39,469 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:39,469 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:39,496 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:39,496 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:39,496 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1946429430] [2025-03-03 14:25:39,497 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1946429430] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:39,497 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:39,497 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:39,497 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1693331695] [2025-03-03 14:25:39,497 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:39,497 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:39,497 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:39,498 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:39,498 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:39,498 INFO L87 Difference]: Start difference. First operand 1346 states and 2265 transitions. Second operand has 3 states, 3 states have (on average 32.333333333333336) internal successors, (97), 3 states have internal predecessors, (97), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:39,542 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:39,543 INFO L93 Difference]: Finished difference Result 3224 states and 5465 transitions. [2025-03-03 14:25:39,543 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:39,543 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 32.333333333333336) internal successors, (97), 3 states have internal predecessors, (97), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 155 [2025-03-03 14:25:39,543 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:39,554 INFO L225 Difference]: With dead ends: 3224 [2025-03-03 14:25:39,554 INFO L226 Difference]: Without dead ends: 1998 [2025-03-03 14:25:39,559 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:39,560 INFO L435 NwaCegarLoop]: 669 mSDtfsCounter, 130 mSDsluCounter, 661 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 148 SdHoareTripleChecker+Valid, 1330 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:39,560 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [148 Valid, 1330 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:39,562 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1998 states. [2025-03-03 14:25:39,623 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1998 to 1990. [2025-03-03 14:25:39,626 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1990 states, 1593 states have (on average 1.6465787821720026) internal successors, (2623), 1600 states have internal predecessors, (2623), 364 states have call successors, (364), 29 states have call predecessors, (364), 32 states have return successors, (395), 362 states have call predecessors, (395), 363 states have call successors, (395) [2025-03-03 14:25:39,636 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1990 states to 1990 states and 3382 transitions. [2025-03-03 14:25:39,638 INFO L78 Accepts]: Start accepts. Automaton has 1990 states and 3382 transitions. Word has length 155 [2025-03-03 14:25:39,639 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:39,639 INFO L471 AbstractCegarLoop]: Abstraction has 1990 states and 3382 transitions. [2025-03-03 14:25:39,639 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 32.333333333333336) internal successors, (97), 3 states have internal predecessors, (97), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:39,639 INFO L276 IsEmpty]: Start isEmpty. Operand 1990 states and 3382 transitions. [2025-03-03 14:25:39,649 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 176 [2025-03-03 14:25:39,650 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:39,650 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:39,650 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-03 14:25:39,650 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:39,650 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:39,651 INFO L85 PathProgramCache]: Analyzing trace with hash -653977304, now seen corresponding path program 1 times [2025-03-03 14:25:39,651 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:39,651 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [91056505] [2025-03-03 14:25:39,651 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:39,651 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:39,669 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 175 statements into 1 equivalence classes. [2025-03-03 14:25:39,675 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 175 of 175 statements. [2025-03-03 14:25:39,675 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:39,675 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:39,707 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:25:39,707 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:39,707 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [91056505] [2025-03-03 14:25:39,707 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [91056505] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:39,707 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:39,707 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:39,707 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1151823058] [2025-03-03 14:25:39,708 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:39,709 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:39,709 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:39,710 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:39,710 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:39,711 INFO L87 Difference]: Start difference. First operand 1990 states and 3382 transitions. Second operand has 3 states, 3 states have (on average 35.0) internal successors, (105), 3 states have internal predecessors, (105), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:39,771 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:39,772 INFO L93 Difference]: Finished difference Result 4736 states and 8115 transitions. [2025-03-03 14:25:39,772 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:39,772 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 35.0) internal successors, (105), 3 states have internal predecessors, (105), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 175 [2025-03-03 14:25:39,772 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:39,788 INFO L225 Difference]: With dead ends: 4736 [2025-03-03 14:25:39,788 INFO L226 Difference]: Without dead ends: 2988 [2025-03-03 14:25:39,795 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:39,796 INFO L435 NwaCegarLoop]: 667 mSDtfsCounter, 128 mSDsluCounter, 658 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 1325 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:39,796 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 1325 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:39,799 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2988 states. [2025-03-03 14:25:39,912 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2988 to 2980. [2025-03-03 14:25:39,917 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2980 states, 2421 states have (on average 1.657166460140438) internal successors, (4012), 2428 states have internal predecessors, (4012), 526 states have call successors, (526), 29 states have call predecessors, (526), 32 states have return successors, (573), 524 states have call predecessors, (573), 525 states have call successors, (573) [2025-03-03 14:25:39,929 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2980 states to 2980 states and 5111 transitions. [2025-03-03 14:25:39,931 INFO L78 Accepts]: Start accepts. Automaton has 2980 states and 5111 transitions. Word has length 175 [2025-03-03 14:25:39,932 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:39,932 INFO L471 AbstractCegarLoop]: Abstraction has 2980 states and 5111 transitions. [2025-03-03 14:25:39,932 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 35.0) internal successors, (105), 3 states have internal predecessors, (105), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:39,932 INFO L276 IsEmpty]: Start isEmpty. Operand 2980 states and 5111 transitions. [2025-03-03 14:25:39,948 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 177 [2025-03-03 14:25:39,948 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:39,948 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:39,949 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:25:39,949 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:39,950 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:39,950 INFO L85 PathProgramCache]: Analyzing trace with hash -721123034, now seen corresponding path program 1 times [2025-03-03 14:25:39,950 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:39,950 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [725991032] [2025-03-03 14:25:39,950 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:39,950 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:39,969 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 176 statements into 1 equivalence classes. [2025-03-03 14:25:39,975 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 176 of 176 statements. [2025-03-03 14:25:39,975 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:39,975 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:40,004 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:25:40,004 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:40,004 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [725991032] [2025-03-03 14:25:40,004 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [725991032] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:40,004 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:40,005 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:40,005 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1599947662] [2025-03-03 14:25:40,005 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:40,006 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:40,006 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:40,006 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:40,006 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:40,006 INFO L87 Difference]: Start difference. First operand 2980 states and 5111 transitions. Second operand has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:40,104 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:40,104 INFO L93 Difference]: Finished difference Result 7129 states and 12316 transitions. [2025-03-03 14:25:40,105 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:40,105 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 176 [2025-03-03 14:25:40,105 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:40,130 INFO L225 Difference]: With dead ends: 7129 [2025-03-03 14:25:40,131 INFO L226 Difference]: Without dead ends: 4591 [2025-03-03 14:25:40,142 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:40,143 INFO L435 NwaCegarLoop]: 667 mSDtfsCounter, 126 mSDsluCounter, 658 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1325 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:40,143 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1325 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:40,147 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4591 states. [2025-03-03 14:25:40,313 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4591 to 4583. [2025-03-03 14:25:40,321 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4583 states, 3779 states have (on average 1.6647261180206403) internal successors, (6291), 3786 states have internal predecessors, (6291), 771 states have call successors, (771), 29 states have call predecessors, (771), 32 states have return successors, (844), 769 states have call predecessors, (844), 770 states have call successors, (844) [2025-03-03 14:25:40,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4583 states to 4583 states and 7906 transitions. [2025-03-03 14:25:40,343 INFO L78 Accepts]: Start accepts. Automaton has 4583 states and 7906 transitions. Word has length 176 [2025-03-03 14:25:40,344 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:40,344 INFO L471 AbstractCegarLoop]: Abstraction has 4583 states and 7906 transitions. [2025-03-03 14:25:40,344 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:40,344 INFO L276 IsEmpty]: Start isEmpty. Operand 4583 states and 7906 transitions. [2025-03-03 14:25:40,365 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 178 [2025-03-03 14:25:40,366 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:40,366 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:40,366 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:25:40,366 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:40,366 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:40,366 INFO L85 PathProgramCache]: Analyzing trace with hash -654326521, now seen corresponding path program 1 times [2025-03-03 14:25:40,366 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:40,367 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1542834811] [2025-03-03 14:25:40,367 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:40,367 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:40,383 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 177 statements into 1 equivalence classes. [2025-03-03 14:25:40,393 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 177 of 177 statements. [2025-03-03 14:25:40,393 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:40,393 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:40,423 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:25:40,423 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:40,423 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1542834811] [2025-03-03 14:25:40,423 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1542834811] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:40,423 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:40,423 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:40,423 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1417953742] [2025-03-03 14:25:40,424 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:40,424 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:40,424 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:40,424 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:40,424 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:40,425 INFO L87 Difference]: Start difference. First operand 4583 states and 7906 transitions. Second operand has 3 states, 3 states have (on average 35.666666666666664) internal successors, (107), 3 states have internal predecessors, (107), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:40,563 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:40,563 INFO L93 Difference]: Finished difference Result 11119 states and 19320 transitions. [2025-03-03 14:25:40,564 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:40,564 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 35.666666666666664) internal successors, (107), 3 states have internal predecessors, (107), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 177 [2025-03-03 14:25:40,564 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:40,603 INFO L225 Difference]: With dead ends: 11119 [2025-03-03 14:25:40,603 INFO L226 Difference]: Without dead ends: 7285 [2025-03-03 14:25:40,619 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:40,620 INFO L435 NwaCegarLoop]: 671 mSDtfsCounter, 124 mSDsluCounter, 656 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1327 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:40,620 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1327 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:40,626 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 7285 states. [2025-03-03 14:25:40,941 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 7285 to 7277. [2025-03-03 14:25:40,952 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7277 states, 5980 states have (on average 1.6650501672240803) internal successors, (9957), 5987 states have internal predecessors, (9957), 1264 states have call successors, (1264), 29 states have call predecessors, (1264), 32 states have return successors, (1381), 1262 states have call predecessors, (1381), 1263 states have call successors, (1381) [2025-03-03 14:25:40,988 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7277 states to 7277 states and 12602 transitions. [2025-03-03 14:25:40,995 INFO L78 Accepts]: Start accepts. Automaton has 7277 states and 12602 transitions. Word has length 177 [2025-03-03 14:25:40,996 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:40,996 INFO L471 AbstractCegarLoop]: Abstraction has 7277 states and 12602 transitions. [2025-03-03 14:25:40,996 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 35.666666666666664) internal successors, (107), 3 states have internal predecessors, (107), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:40,996 INFO L276 IsEmpty]: Start isEmpty. Operand 7277 states and 12602 transitions. [2025-03-03 14:25:41,029 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 160 [2025-03-03 14:25:41,030 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:41,030 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:41,030 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:25:41,030 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:41,030 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:41,031 INFO L85 PathProgramCache]: Analyzing trace with hash 2061979682, now seen corresponding path program 1 times [2025-03-03 14:25:41,031 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:41,031 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1287182923] [2025-03-03 14:25:41,031 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:41,031 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:41,051 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 159 statements into 1 equivalence classes. [2025-03-03 14:25:41,063 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 159 of 159 statements. [2025-03-03 14:25:41,063 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:41,063 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:41,096 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:41,099 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:41,099 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1287182923] [2025-03-03 14:25:41,099 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1287182923] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:41,099 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:41,099 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:41,099 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1265589049] [2025-03-03 14:25:41,099 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:41,100 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:41,100 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:41,101 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:41,101 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:41,101 INFO L87 Difference]: Start difference. First operand 7277 states and 12602 transitions. Second operand has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:41,361 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:41,361 INFO L93 Difference]: Finished difference Result 18349 states and 31988 transitions. [2025-03-03 14:25:41,361 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:41,361 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 159 [2025-03-03 14:25:41,361 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:41,417 INFO L225 Difference]: With dead ends: 18349 [2025-03-03 14:25:41,417 INFO L226 Difference]: Without dead ends: 12192 [2025-03-03 14:25:41,444 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:41,445 INFO L435 NwaCegarLoop]: 671 mSDtfsCounter, 122 mSDsluCounter, 661 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1332 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:41,445 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1332 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:41,455 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 12192 states. [2025-03-03 14:25:41,839 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 12192 to 12184. [2025-03-03 14:25:41,860 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12184 states, 10065 states have (on average 1.6666666666666667) internal successors, (16775), 10072 states have internal predecessors, (16775), 2086 states have call successors, (2086), 29 states have call predecessors, (2086), 32 states have return successors, (2281), 2084 states have call predecessors, (2281), 2085 states have call successors, (2281) [2025-03-03 14:25:41,909 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12184 states to 12184 states and 21142 transitions. [2025-03-03 14:25:41,914 INFO L78 Accepts]: Start accepts. Automaton has 12184 states and 21142 transitions. Word has length 159 [2025-03-03 14:25:41,914 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:41,914 INFO L471 AbstractCegarLoop]: Abstraction has 12184 states and 21142 transitions. [2025-03-03 14:25:41,915 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:41,915 INFO L276 IsEmpty]: Start isEmpty. Operand 12184 states and 21142 transitions. [2025-03-03 14:25:41,958 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 180 [2025-03-03 14:25:41,959 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:41,959 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:41,959 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:25:41,959 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:41,959 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:41,959 INFO L85 PathProgramCache]: Analyzing trace with hash -1398512890, now seen corresponding path program 1 times [2025-03-03 14:25:41,960 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:41,960 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [936351250] [2025-03-03 14:25:41,960 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:41,960 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:41,977 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 179 statements into 1 equivalence classes. [2025-03-03 14:25:41,983 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 179 of 179 statements. [2025-03-03 14:25:41,983 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:41,983 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:42,022 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:25:42,022 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:42,022 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [936351250] [2025-03-03 14:25:42,022 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [936351250] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:42,022 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:42,022 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:42,022 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [102243814] [2025-03-03 14:25:42,022 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:42,022 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:42,023 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:42,023 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:42,023 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:42,023 INFO L87 Difference]: Start difference. First operand 12184 states and 21142 transitions. Second operand has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:42,452 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:42,452 INFO L93 Difference]: Finished difference Result 29105 states and 50470 transitions. [2025-03-03 14:25:42,453 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:42,453 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 179 [2025-03-03 14:25:42,453 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:42,525 INFO L225 Difference]: With dead ends: 29105 [2025-03-03 14:25:42,526 INFO L226 Difference]: Without dead ends: 19008 [2025-03-03 14:25:42,564 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:42,564 INFO L435 NwaCegarLoop]: 669 mSDtfsCounter, 120 mSDsluCounter, 633 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1302 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:42,564 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1302 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:42,584 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 19008 states. [2025-03-03 14:25:43,293 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 19008 to 19000. [2025-03-03 14:25:43,323 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 19000 states, 15678 states have (on average 1.6443423906110473) internal successors, (25780), 15685 states have internal predecessors, (25780), 3289 states have call successors, (3289), 29 states have call predecessors, (3289), 32 states have return successors, (3628), 3287 states have call predecessors, (3628), 3288 states have call successors, (3628) [2025-03-03 14:25:43,395 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 19000 states to 19000 states and 32697 transitions. [2025-03-03 14:25:43,403 INFO L78 Accepts]: Start accepts. Automaton has 19000 states and 32697 transitions. Word has length 179 [2025-03-03 14:25:43,404 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:43,404 INFO L471 AbstractCegarLoop]: Abstraction has 19000 states and 32697 transitions. [2025-03-03 14:25:43,404 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:43,404 INFO L276 IsEmpty]: Start isEmpty. Operand 19000 states and 32697 transitions. [2025-03-03 14:25:43,455 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 162 [2025-03-03 14:25:43,455 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:43,455 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:43,455 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:25:43,455 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:43,457 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:43,457 INFO L85 PathProgramCache]: Analyzing trace with hash -1084064415, now seen corresponding path program 1 times [2025-03-03 14:25:43,457 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:43,457 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1091704622] [2025-03-03 14:25:43,457 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:43,457 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:43,479 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 161 statements into 1 equivalence classes. [2025-03-03 14:25:43,489 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 161 of 161 statements. [2025-03-03 14:25:43,490 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:43,490 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:43,527 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:43,528 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:43,528 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1091704622] [2025-03-03 14:25:43,528 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1091704622] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:43,528 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:43,528 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:43,528 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [212596767] [2025-03-03 14:25:43,528 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:43,528 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:43,528 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:43,529 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:43,529 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:43,529 INFO L87 Difference]: Start difference. First operand 19000 states and 32697 transitions. Second operand has 3 states, 3 states have (on average 34.333333333333336) internal successors, (103), 3 states have internal predecessors, (103), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:44,185 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:44,186 INFO L93 Difference]: Finished difference Result 50142 states and 86655 transitions. [2025-03-03 14:25:44,186 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:44,186 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.333333333333336) internal successors, (103), 3 states have internal predecessors, (103), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 161 [2025-03-03 14:25:44,186 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:44,326 INFO L225 Difference]: With dead ends: 50142 [2025-03-03 14:25:44,326 INFO L226 Difference]: Without dead ends: 33863 [2025-03-03 14:25:44,379 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:44,379 INFO L435 NwaCegarLoop]: 667 mSDtfsCounter, 118 mSDsluCounter, 661 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1328 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:44,380 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1328 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:44,408 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 33863 states. [2025-03-03 14:25:45,345 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 33863 to 33855. [2025-03-03 14:25:45,392 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 33855 states, 28083 states have (on average 1.642167859559164) internal successors, (46117), 28090 states have internal predecessors, (46117), 5739 states have call successors, (5739), 29 states have call predecessors, (5739), 32 states have return successors, (6352), 5737 states have call predecessors, (6352), 5738 states have call successors, (6352) [2025-03-03 14:25:45,489 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 33855 states to 33855 states and 58208 transitions. [2025-03-03 14:25:45,503 INFO L78 Accepts]: Start accepts. Automaton has 33855 states and 58208 transitions. Word has length 161 [2025-03-03 14:25:45,503 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:45,503 INFO L471 AbstractCegarLoop]: Abstraction has 33855 states and 58208 transitions. [2025-03-03 14:25:45,504 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.333333333333336) internal successors, (103), 3 states have internal predecessors, (103), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:45,504 INFO L276 IsEmpty]: Start isEmpty. Operand 33855 states and 58208 transitions. [2025-03-03 14:25:45,559 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 163 [2025-03-03 14:25:45,560 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:45,560 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:45,560 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:25:45,560 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:45,560 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:45,561 INFO L85 PathProgramCache]: Analyzing trace with hash -301917500, now seen corresponding path program 1 times [2025-03-03 14:25:45,561 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:45,561 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1131409348] [2025-03-03 14:25:45,561 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:45,561 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:45,576 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 162 statements into 1 equivalence classes. [2025-03-03 14:25:45,582 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 162 of 162 statements. [2025-03-03 14:25:45,582 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:45,583 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:45,612 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:25:45,613 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:45,613 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1131409348] [2025-03-03 14:25:45,613 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1131409348] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:45,613 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:45,613 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:45,613 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [706809032] [2025-03-03 14:25:45,613 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:45,613 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:45,613 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:45,614 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:45,614 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:45,614 INFO L87 Difference]: Start difference. First operand 33855 states and 58208 transitions. Second operand has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:47,118 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:47,119 INFO L93 Difference]: Finished difference Result 92234 states and 159137 transitions. [2025-03-03 14:25:47,119 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:47,119 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 162 [2025-03-03 14:25:47,119 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:47,360 INFO L225 Difference]: With dead ends: 92234 [2025-03-03 14:25:47,361 INFO L226 Difference]: Without dead ends: 62007 [2025-03-03 14:25:47,426 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:47,429 INFO L435 NwaCegarLoop]: 670 mSDtfsCounter, 116 mSDsluCounter, 661 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1331 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:47,429 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1331 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:47,467 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62007 states. [2025-03-03 14:25:48,978 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62007 to 61999. [2025-03-03 14:25:49,070 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 61999 states, 51714 states have (on average 1.638724523339908) internal successors, (84745), 51721 states have internal predecessors, (84745), 10252 states have call successors, (10252), 29 states have call predecessors, (10252), 32 states have return successors, (11397), 10250 states have call predecessors, (11397), 10251 states have call successors, (11397) [2025-03-03 14:25:49,262 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61999 states to 61999 states and 106394 transitions. [2025-03-03 14:25:49,289 INFO L78 Accepts]: Start accepts. Automaton has 61999 states and 106394 transitions. Word has length 162 [2025-03-03 14:25:49,290 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:49,290 INFO L471 AbstractCegarLoop]: Abstraction has 61999 states and 106394 transitions. [2025-03-03 14:25:49,290 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (21), 2 states have call predecessors, (21), 1 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:25:49,290 INFO L276 IsEmpty]: Start isEmpty. Operand 61999 states and 106394 transitions. [2025-03-03 14:25:49,376 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 183 [2025-03-03 14:25:49,376 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:49,376 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:49,376 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:25:49,377 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:49,377 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:49,378 INFO L85 PathProgramCache]: Analyzing trace with hash 1322836841, now seen corresponding path program 1 times [2025-03-03 14:25:49,378 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:49,378 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [417847828] [2025-03-03 14:25:49,378 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:49,379 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:49,397 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 182 statements into 1 equivalence classes. [2025-03-03 14:25:49,406 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 182 of 182 statements. [2025-03-03 14:25:49,407 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:49,407 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:49,440 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:25:49,441 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:49,441 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [417847828] [2025-03-03 14:25:49,441 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [417847828] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:25:49,441 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:25:49,441 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:25:49,441 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1852020099] [2025-03-03 14:25:49,441 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:25:49,442 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:25:49,442 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:49,442 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:25:49,442 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:49,443 INFO L87 Difference]: Start difference. First operand 61999 states and 106394 transitions. Second operand has 3 states, 3 states have (on average 37.333333333333336) internal successors, (112), 3 states have internal predecessors, (112), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:51,836 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:25:51,837 INFO L93 Difference]: Finished difference Result 116100 states and 199692 transitions. [2025-03-03 14:25:51,837 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:25:51,837 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 37.333333333333336) internal successors, (112), 3 states have internal predecessors, (112), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) Word has length 182 [2025-03-03 14:25:51,837 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:25:52,371 INFO L225 Difference]: With dead ends: 116100 [2025-03-03 14:25:52,371 INFO L226 Difference]: Without dead ends: 115847 [2025-03-03 14:25:52,469 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:25:52,471 INFO L435 NwaCegarLoop]: 669 mSDtfsCounter, 111 mSDsluCounter, 665 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1334 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:25:52,471 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1334 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:25:52,572 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 115847 states. [2025-03-03 14:25:55,860 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 115847 to 115839. [2025-03-03 14:25:55,977 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 115839 states, 97186 states have (on average 1.6340110715535159) internal successors, (158803), 97193 states have internal predecessors, (158803), 18620 states have call successors, (18620), 29 states have call predecessors, (18620), 32 states have return successors, (20811), 18618 states have call predecessors, (20811), 18619 states have call successors, (20811) [2025-03-03 14:25:56,438 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 115839 states to 115839 states and 198234 transitions. [2025-03-03 14:25:56,472 INFO L78 Accepts]: Start accepts. Automaton has 115839 states and 198234 transitions. Word has length 182 [2025-03-03 14:25:56,472 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:25:56,472 INFO L471 AbstractCegarLoop]: Abstraction has 115839 states and 198234 transitions. [2025-03-03 14:25:56,472 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 37.333333333333336) internal successors, (112), 3 states have internal predecessors, (112), 2 states have call successors, (24), 2 states have call predecessors, (24), 1 states have return successors, (21), 2 states have call predecessors, (21), 2 states have call successors, (21) [2025-03-03 14:25:56,473 INFO L276 IsEmpty]: Start isEmpty. Operand 115839 states and 198234 transitions. [2025-03-03 14:25:56,604 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 165 [2025-03-03 14:25:56,604 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:25:56,604 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:25:56,604 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-03 14:25:56,604 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:25:56,605 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:25:56,605 INFO L85 PathProgramCache]: Analyzing trace with hash 1810443333, now seen corresponding path program 1 times [2025-03-03 14:25:56,605 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:25:56,605 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [665620299] [2025-03-03 14:25:56,605 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:56,605 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:25:56,626 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 164 statements into 1 equivalence classes. [2025-03-03 14:25:56,639 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 164 of 164 statements. [2025-03-03 14:25:56,639 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:56,639 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:56,978 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2025-03-03 14:25:56,979 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:25:56,979 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [665620299] [2025-03-03 14:25:56,979 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [665620299] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:25:56,979 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [844571297] [2025-03-03 14:25:56,979 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:25:56,979 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:25:56,979 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:25:57,000 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:25:57,002 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2025-03-03 14:25:57,231 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 164 statements into 1 equivalence classes. [2025-03-03 14:25:57,341 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 164 of 164 statements. [2025-03-03 14:25:57,341 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:25:57,342 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:25:57,346 INFO L256 TraceCheckSpWp]: Trace formula consists of 1295 conjuncts, 13 conjuncts are in the unsatisfiable core [2025-03-03 14:25:57,351 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:25:57,550 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 18 proven. 6 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2025-03-03 14:25:57,551 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:25:57,894 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 2 proven. 8 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:25:57,894 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [844571297] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:25:57,894 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:25:57,895 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 9, 9] total 28 [2025-03-03 14:25:57,895 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [36944979] [2025-03-03 14:25:57,895 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:25:57,895 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 28 states [2025-03-03 14:25:57,895 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:25:57,896 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2025-03-03 14:25:57,896 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=68, Invalid=688, Unknown=0, NotChecked=0, Total=756 [2025-03-03 14:25:57,896 INFO L87 Difference]: Start difference. First operand 115839 states and 198234 transitions. Second operand has 28 states, 26 states have (on average 10.038461538461538) internal successors, (261), 24 states have internal predecessors, (261), 9 states have call successors, (54), 8 states have call predecessors, (54), 12 states have return successors, (47), 11 states have call predecessors, (47), 9 states have call successors, (47) [2025-03-03 14:26:12,787 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:12,787 INFO L93 Difference]: Finished difference Result 461979 states and 814453 transitions. [2025-03-03 14:26:12,788 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 91 states. [2025-03-03 14:26:12,788 INFO L78 Accepts]: Start accepts. Automaton has has 28 states, 26 states have (on average 10.038461538461538) internal successors, (261), 24 states have internal predecessors, (261), 9 states have call successors, (54), 8 states have call predecessors, (54), 12 states have return successors, (47), 11 states have call predecessors, (47), 9 states have call successors, (47) Word has length 164 [2025-03-03 14:26:12,788 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:14,926 INFO L225 Difference]: With dead ends: 461979 [2025-03-03 14:26:14,926 INFO L226 Difference]: Without dead ends: 461730 [2025-03-03 14:26:15,106 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 454 GetRequests, 343 SyntacticMatches, 0 SemanticMatches, 111 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3483 ImplicationChecksByTransitivity, 1.5s TimeCoverageRelationStatistics Valid=1363, Invalid=11293, Unknown=0, NotChecked=0, Total=12656 [2025-03-03 14:26:15,107 INFO L435 NwaCegarLoop]: 262 mSDtfsCounter, 9432 mSDsluCounter, 5260 mSDsCounter, 0 mSdLazyCounter, 13580 mSolverCounterSat, 3066 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 5.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 9507 SdHoareTripleChecker+Valid, 5522 SdHoareTripleChecker+Invalid, 16646 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 3066 IncrementalHoareTripleChecker+Valid, 13580 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 6.2s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:15,107 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [9507 Valid, 5522 Invalid, 16646 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [3066 Valid, 13580 Invalid, 0 Unknown, 0 Unchecked, 6.2s Time] [2025-03-03 14:26:15,372 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 461730 states.