./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec7_product29.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec7_product29.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 2586c6a9c5639b30d1f21b288976c8c026e2c567887902cc846265d5507c0a62 --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:26:02,181 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:26:02,238 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:26:02,247 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:26:02,248 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:26:02,266 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:26:02,267 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:26:02,267 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:26:02,268 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:26:02,268 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:26:02,268 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:26:02,268 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:26:02,268 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:26:02,268 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:26:02,268 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:26:02,268 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:26:02,268 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:26:02,269 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:26:02,269 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:26:02,269 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:26:02,269 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:26:02,269 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:26:02,270 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:26:02,270 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:26:02,270 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:26:02,270 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:26:02,271 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:26:02,271 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:26:02,271 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:26:02,271 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:26:02,271 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:26:02,271 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:26:02,271 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:26:02,271 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:26:02,271 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:26:02,271 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:26:02,272 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:26:02,272 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:26:02,272 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:26:02,272 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:26:02,272 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:26:02,272 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:26:02,272 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:26:02,272 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 2586c6a9c5639b30d1f21b288976c8c026e2c567887902cc846265d5507c0a62 [2025-03-03 14:26:02,490 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:26:02,496 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:26:02,497 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:26:02,498 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:26:02,498 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:26:02,499 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec7_product29.cil.c [2025-03-03 14:26:03,663 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/b05cc40c3/58d279350fe348bb97b04f2f5b4f436d/FLAG2652e3548 [2025-03-03 14:26:03,938 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:26:03,940 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec7_product29.cil.c [2025-03-03 14:26:03,952 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/b05cc40c3/58d279350fe348bb97b04f2f5b4f436d/FLAG2652e3548 [2025-03-03 14:26:03,962 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/b05cc40c3/58d279350fe348bb97b04f2f5b4f436d [2025-03-03 14:26:03,963 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:26:03,964 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:26:03,967 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:26:03,967 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:26:03,969 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:26:03,970 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:26:03" (1/1) ... [2025-03-03 14:26:03,972 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1b13bdd4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:03, skipping insertion in model container [2025-03-03 14:26:03,972 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:26:03" (1/1) ... [2025-03-03 14:26:04,011 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:26:04,259 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec7_product29.cil.c[16949,16962] [2025-03-03 14:26:04,388 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:26:04,405 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:26:04,412 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [48] [2025-03-03 14:26:04,413 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [368] [2025-03-03 14:26:04,414 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [734] [2025-03-03 14:26:04,414 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [743] [2025-03-03 14:26:04,414 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EncryptVerify_spec.i","") [959] [2025-03-03 14:26:04,415 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [978] [2025-03-03 14:26:04,415 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [1361] [2025-03-03 14:26:04,415 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [2425] [2025-03-03 14:26:04,415 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [2563] [2025-03-03 14:26:04,416 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [2580] [2025-03-03 14:26:04,416 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [2977] [2025-03-03 14:26:04,452 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec7_product29.cil.c[16949,16962] [2025-03-03 14:26:04,491 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:26:04,519 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:26:04,519 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04 WrapperNode [2025-03-03 14:26:04,519 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:26:04,520 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:26:04,520 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:26:04,520 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:26:04,525 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,543 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,581 INFO L138 Inliner]: procedures = 131, calls = 210, calls flagged for inlining = 55, calls inlined = 47, statements flattened = 909 [2025-03-03 14:26:04,581 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:26:04,582 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:26:04,582 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:26:04,582 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:26:04,589 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,589 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,594 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,617 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:26:04,617 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,617 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,627 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,629 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,631 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,633 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,641 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:26:04,642 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:26:04,642 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:26:04,642 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:26:04,643 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (1/1) ... [2025-03-03 14:26:04,647 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:26:04,656 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:04,668 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:26:04,674 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:26:04,689 INFO L130 BoogieDeclarations]: Found specification of procedure getClientPrivateKey [2025-03-03 14:26:04,689 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientPrivateKey [2025-03-03 14:26:04,689 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:26:04,690 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:26:04,690 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:26:04,690 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:26:04,690 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:26:04,690 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:26:04,690 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:26:04,690 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:26:04,690 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:26:04,690 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:26:04,690 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:26:04,691 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:26:04,691 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2025-03-03 14:26:04,691 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2025-03-03 14:26:04,691 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:26:04,691 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:26:04,691 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:26:04,691 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:26:04,691 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailSignKey [2025-03-03 14:26:04,692 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailSignKey [2025-03-03 14:26:04,692 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:26:04,692 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:26:04,692 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2025-03-03 14:26:04,692 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2025-03-03 14:26:04,692 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure isSigned [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure isSigned [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure isKeyPairValid [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure isKeyPairValid [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure findPublicKey [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure findPublicKey [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:26:04,693 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:26:04,693 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:26:04,694 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:26:04,694 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:26:04,694 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:26:04,694 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:26:04,694 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:26:04,694 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:26:04,694 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:26:04,694 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:26:04,861 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:26:04,864 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:26:04,961 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2884: #res := ~retValue_acc~39; [2025-03-03 14:26:04,974 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1269: #res := ~retValue_acc~8; [2025-03-03 14:26:05,016 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2014-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~19#1; [2025-03-03 14:26:05,016 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2059: #res#1 := ~retValue_acc~20#1; [2025-03-03 14:26:05,037 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2283: #res := ~retValue_acc~23; [2025-03-03 14:26:05,149 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2402-1: getClientId_#res#1 := getClientId_~retValue_acc~25#1; [2025-03-03 14:26:05,160 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1967: #res := ~retValue_acc~18; [2025-03-03 14:26:05,168 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2560-1: createEmail_#res#1 := createEmail_~retValue_acc~29#1; [2025-03-03 14:26:05,180 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1511: #res := ~retValue_acc~12; [2025-03-03 14:26:05,195 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2810: #res := ~retValue_acc~37; [2025-03-03 14:26:05,229 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2847: #res := ~retValue_acc~38; [2025-03-03 14:26:05,237 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2921: #res := ~retValue_acc~40; [2025-03-03 14:26:05,253 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2695: #res := ~retValue_acc~34; [2025-03-03 14:26:05,300 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1837: #res := ~retValue_acc~16; [2025-03-03 14:26:05,519 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L3009-1: valid_product_#res#1 := valid_product_~retValue_acc~43#1; [2025-03-03 14:26:05,519 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1226-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~5#1; [2025-03-03 14:26:05,519 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1235-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~6#1; [2025-03-03 14:26:05,519 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1244-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~7#1; [2025-03-03 14:26:05,519 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2229-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~22#1; [2025-03-03 14:26:05,519 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2122-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~21#1; [2025-03-03 14:26:05,527 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2658: #res := ~retValue_acc~33; [2025-03-03 14:26:05,537 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2536: #res#1 := ~retValue_acc~27#1; [2025-03-03 14:26:05,537 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2516-1: isReadable__wrappee__Keys_#res#1 := isReadable__wrappee__Keys_~retValue_acc~26#1; [2025-03-03 14:26:05,650 INFO L? ?]: Removed 499 outVars from TransFormulas that were not future-live. [2025-03-03 14:26:05,650 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:26:05,665 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:26:05,665 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:26:05,666 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:26:05 BoogieIcfgContainer [2025-03-03 14:26:05,666 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:26:05,671 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:26:05,671 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:26:05,674 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:26:05,675 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:26:03" (1/3) ... [2025-03-03 14:26:05,675 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1cf90ee0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:26:05, skipping insertion in model container [2025-03-03 14:26:05,675 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:04" (2/3) ... [2025-03-03 14:26:05,675 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1cf90ee0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:26:05, skipping insertion in model container [2025-03-03 14:26:05,675 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:26:05" (3/3) ... [2025-03-03 14:26:05,676 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec7_product29.cil.c [2025-03-03 14:26:05,687 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:26:05,689 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec7_product29.cil.c that has 29 procedures, 404 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:26:05,749 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:26:05,759 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@64082278, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:26:05,760 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:26:05,765 INFO L276 IsEmpty]: Start isEmpty. Operand has 404 states, 312 states have (on average 1.5544871794871795) internal successors, (485), 317 states have internal predecessors, (485), 62 states have call successors, (62), 28 states have call predecessors, (62), 28 states have return successors, (62), 61 states have call predecessors, (62), 62 states have call successors, (62) [2025-03-03 14:26:05,780 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 149 [2025-03-03 14:26:05,780 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:05,780 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:05,781 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:05,784 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:05,784 INFO L85 PathProgramCache]: Analyzing trace with hash 2017345504, now seen corresponding path program 1 times [2025-03-03 14:26:05,789 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:05,790 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1058064915] [2025-03-03 14:26:05,790 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:05,790 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:05,879 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 148 statements into 1 equivalence classes. [2025-03-03 14:26:05,963 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 148 of 148 statements. [2025-03-03 14:26:05,967 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:05,967 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:06,404 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2025-03-03 14:26:06,406 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:06,406 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1058064915] [2025-03-03 14:26:06,407 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1058064915] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:06,407 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2039139796] [2025-03-03 14:26:06,407 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:06,408 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:06,408 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:06,410 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:06,413 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:26:06,575 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 148 statements into 1 equivalence classes. [2025-03-03 14:26:06,704 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 148 of 148 statements. [2025-03-03 14:26:06,706 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:06,706 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:06,712 INFO L256 TraceCheckSpWp]: Trace formula consists of 1201 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:26:06,720 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:06,736 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-03-03 14:26:06,736 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:06,736 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2039139796] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:06,736 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:06,737 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:26:06,739 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1473338536] [2025-03-03 14:26:06,739 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:06,743 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:26:06,744 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:06,757 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:26:06,758 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:06,760 INFO L87 Difference]: Start difference. First operand has 404 states, 312 states have (on average 1.5544871794871795) internal successors, (485), 317 states have internal predecessors, (485), 62 states have call successors, (62), 28 states have call predecessors, (62), 28 states have return successors, (62), 61 states have call predecessors, (62), 62 states have call successors, (62) Second operand has 2 states, 2 states have (on average 39.0) internal successors, (78), 2 states have internal predecessors, (78), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:06,807 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:06,808 INFO L93 Difference]: Finished difference Result 621 states and 918 transitions. [2025-03-03 14:26:06,809 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:26:06,810 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 39.0) internal successors, (78), 2 states have internal predecessors, (78), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 148 [2025-03-03 14:26:06,810 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:06,817 INFO L225 Difference]: With dead ends: 621 [2025-03-03 14:26:06,817 INFO L226 Difference]: Without dead ends: 397 [2025-03-03 14:26:06,821 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 152 GetRequests, 149 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:06,822 INFO L435 NwaCegarLoop]: 606 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 606 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:06,823 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 606 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:06,833 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 397 states. [2025-03-03 14:26:06,857 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 397 to 397. [2025-03-03 14:26:06,859 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 397 states, 306 states have (on average 1.5522875816993464) internal successors, (475), 310 states have internal predecessors, (475), 62 states have call successors, (62), 28 states have call predecessors, (62), 28 states have return successors, (61), 60 states have call predecessors, (61), 61 states have call successors, (61) [2025-03-03 14:26:06,863 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 397 states to 397 states and 598 transitions. [2025-03-03 14:26:06,865 INFO L78 Accepts]: Start accepts. Automaton has 397 states and 598 transitions. Word has length 148 [2025-03-03 14:26:06,866 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:06,866 INFO L471 AbstractCegarLoop]: Abstraction has 397 states and 598 transitions. [2025-03-03 14:26:06,866 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 39.0) internal successors, (78), 2 states have internal predecessors, (78), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:06,866 INFO L276 IsEmpty]: Start isEmpty. Operand 397 states and 598 transitions. [2025-03-03 14:26:06,874 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 150 [2025-03-03 14:26:06,875 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:06,875 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:06,883 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-03 14:26:07,080 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:26:07,080 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:07,081 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:07,081 INFO L85 PathProgramCache]: Analyzing trace with hash 1323143132, now seen corresponding path program 1 times [2025-03-03 14:26:07,081 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:07,081 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1062503718] [2025-03-03 14:26:07,081 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:07,081 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:07,114 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 149 statements into 1 equivalence classes. [2025-03-03 14:26:07,121 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 149 of 149 statements. [2025-03-03 14:26:07,122 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:07,122 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:07,293 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2025-03-03 14:26:07,293 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:07,293 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1062503718] [2025-03-03 14:26:07,293 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1062503718] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:07,293 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [323813023] [2025-03-03 14:26:07,293 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:07,293 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:07,293 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:07,295 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:07,297 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:26:07,434 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 149 statements into 1 equivalence classes. [2025-03-03 14:26:07,548 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 149 of 149 statements. [2025-03-03 14:26:07,548 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:07,548 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:07,553 INFO L256 TraceCheckSpWp]: Trace formula consists of 1202 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:26:07,557 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:07,588 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-03-03 14:26:07,588 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:07,588 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [323813023] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:07,588 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:07,588 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:26:07,588 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1486743876] [2025-03-03 14:26:07,588 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:07,589 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:07,589 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:07,590 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:07,590 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:07,590 INFO L87 Difference]: Start difference. First operand 397 states and 598 transitions. Second operand has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:07,632 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:07,633 INFO L93 Difference]: Finished difference Result 610 states and 896 transitions. [2025-03-03 14:26:07,633 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:07,633 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 149 [2025-03-03 14:26:07,634 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:07,636 INFO L225 Difference]: With dead ends: 610 [2025-03-03 14:26:07,636 INFO L226 Difference]: Without dead ends: 399 [2025-03-03 14:26:07,641 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 153 GetRequests, 149 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:07,642 INFO L435 NwaCegarLoop]: 597 mSDtfsCounter, 0 mSDsluCounter, 595 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1192 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:07,643 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1192 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:07,646 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 399 states. [2025-03-03 14:26:07,666 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 399 to 399. [2025-03-03 14:26:07,667 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 399 states, 308 states have (on average 1.5487012987012987) internal successors, (477), 312 states have internal predecessors, (477), 62 states have call successors, (62), 28 states have call predecessors, (62), 28 states have return successors, (61), 60 states have call predecessors, (61), 61 states have call successors, (61) [2025-03-03 14:26:07,669 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 399 states to 399 states and 600 transitions. [2025-03-03 14:26:07,670 INFO L78 Accepts]: Start accepts. Automaton has 399 states and 600 transitions. Word has length 149 [2025-03-03 14:26:07,670 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:07,671 INFO L471 AbstractCegarLoop]: Abstraction has 399 states and 600 transitions. [2025-03-03 14:26:07,671 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:07,671 INFO L276 IsEmpty]: Start isEmpty. Operand 399 states and 600 transitions. [2025-03-03 14:26:07,672 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 136 [2025-03-03 14:26:07,673 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:07,673 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:07,682 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:07,873 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:26:07,874 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:07,875 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:07,875 INFO L85 PathProgramCache]: Analyzing trace with hash -229967548, now seen corresponding path program 1 times [2025-03-03 14:26:07,875 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:07,875 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [332344866] [2025-03-03 14:26:07,875 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:07,876 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:07,895 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 135 statements into 1 equivalence classes. [2025-03-03 14:26:07,902 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 135 of 135 statements. [2025-03-03 14:26:07,902 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:07,902 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:08,088 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-03 14:26:08,088 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:08,088 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [332344866] [2025-03-03 14:26:08,088 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [332344866] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:08,088 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [539862462] [2025-03-03 14:26:08,088 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:08,088 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:08,088 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:08,091 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:08,092 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:26:08,223 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 135 statements into 1 equivalence classes. [2025-03-03 14:26:08,326 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 135 of 135 statements. [2025-03-03 14:26:08,326 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:08,326 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:08,330 INFO L256 TraceCheckSpWp]: Trace formula consists of 1136 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:26:08,334 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:08,352 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2025-03-03 14:26:08,352 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:08,352 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [539862462] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:08,352 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:08,352 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:26:08,352 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1117737177] [2025-03-03 14:26:08,352 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:08,355 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:08,357 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:08,357 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:08,357 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:08,357 INFO L87 Difference]: Start difference. First operand 399 states and 600 transitions. Second operand has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:08,389 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:08,390 INFO L93 Difference]: Finished difference Result 840 states and 1283 transitions. [2025-03-03 14:26:08,390 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:08,391 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) Word has length 135 [2025-03-03 14:26:08,391 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:08,393 INFO L225 Difference]: With dead ends: 840 [2025-03-03 14:26:08,393 INFO L226 Difference]: Without dead ends: 468 [2025-03-03 14:26:08,394 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 135 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:08,395 INFO L435 NwaCegarLoop]: 608 mSDtfsCounter, 126 mSDsluCounter, 551 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1159 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:08,395 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1159 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:08,396 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 468 states. [2025-03-03 14:26:08,415 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 468 to 460. [2025-03-03 14:26:08,416 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 460 states, 355 states have (on average 1.5690140845070422) internal successors, (557), 359 states have internal predecessors, (557), 76 states have call successors, (76), 28 states have call predecessors, (76), 28 states have return successors, (75), 74 states have call predecessors, (75), 75 states have call successors, (75) [2025-03-03 14:26:08,429 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 460 states to 460 states and 708 transitions. [2025-03-03 14:26:08,430 INFO L78 Accepts]: Start accepts. Automaton has 460 states and 708 transitions. Word has length 135 [2025-03-03 14:26:08,430 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:08,430 INFO L471 AbstractCegarLoop]: Abstraction has 460 states and 708 transitions. [2025-03-03 14:26:08,430 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:08,430 INFO L276 IsEmpty]: Start isEmpty. Operand 460 states and 708 transitions. [2025-03-03 14:26:08,434 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 137 [2025-03-03 14:26:08,434 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:08,434 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:08,443 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2025-03-03 14:26:08,635 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:08,635 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:08,635 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:08,636 INFO L85 PathProgramCache]: Analyzing trace with hash 461074754, now seen corresponding path program 1 times [2025-03-03 14:26:08,636 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:08,636 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1551596363] [2025-03-03 14:26:08,636 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:08,636 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:08,655 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 136 statements into 1 equivalence classes. [2025-03-03 14:26:08,660 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 136 of 136 statements. [2025-03-03 14:26:08,663 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:08,663 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:08,781 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-03 14:26:08,781 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:08,781 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1551596363] [2025-03-03 14:26:08,782 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1551596363] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:08,782 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1495629085] [2025-03-03 14:26:08,782 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:08,782 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:08,782 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:08,784 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:08,787 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:26:08,921 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 136 statements into 1 equivalence classes. [2025-03-03 14:26:09,033 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 136 of 136 statements. [2025-03-03 14:26:09,033 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:09,033 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:09,037 INFO L256 TraceCheckSpWp]: Trace formula consists of 1141 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:26:09,040 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:09,087 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2025-03-03 14:26:09,088 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:09,088 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1495629085] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:09,088 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:09,088 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:26:09,089 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1893362489] [2025-03-03 14:26:09,089 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:09,089 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:09,090 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:09,090 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:09,091 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:09,091 INFO L87 Difference]: Start difference. First operand 460 states and 708 transitions. Second operand has 5 states, 4 states have (on average 21.5) internal successors, (86), 5 states have internal predecessors, (86), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 2 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:09,148 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:09,148 INFO L93 Difference]: Finished difference Result 911 states and 1406 transitions. [2025-03-03 14:26:09,152 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:09,152 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 21.5) internal successors, (86), 5 states have internal predecessors, (86), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 2 states have call predecessors, (17), 3 states have call successors, (17) Word has length 136 [2025-03-03 14:26:09,152 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:09,154 INFO L225 Difference]: With dead ends: 911 [2025-03-03 14:26:09,154 INFO L226 Difference]: Without dead ends: 462 [2025-03-03 14:26:09,158 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 140 GetRequests, 134 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:09,160 INFO L435 NwaCegarLoop]: 590 mSDtfsCounter, 2 mSDsluCounter, 1759 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2349 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:09,160 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2349 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:09,161 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 462 states. [2025-03-03 14:26:09,177 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 462 to 462. [2025-03-03 14:26:09,179 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 462 states, 356 states have (on average 1.5674157303370786) internal successors, (558), 361 states have internal predecessors, (558), 76 states have call successors, (76), 28 states have call predecessors, (76), 29 states have return successors, (77), 74 states have call predecessors, (77), 75 states have call successors, (77) [2025-03-03 14:26:09,182 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 462 states to 462 states and 711 transitions. [2025-03-03 14:26:09,182 INFO L78 Accepts]: Start accepts. Automaton has 462 states and 711 transitions. Word has length 136 [2025-03-03 14:26:09,183 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:09,183 INFO L471 AbstractCegarLoop]: Abstraction has 462 states and 711 transitions. [2025-03-03 14:26:09,183 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 21.5) internal successors, (86), 5 states have internal predecessors, (86), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 2 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:09,183 INFO L276 IsEmpty]: Start isEmpty. Operand 462 states and 711 transitions. [2025-03-03 14:26:09,186 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 157 [2025-03-03 14:26:09,186 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:09,186 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:09,194 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:09,387 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:09,387 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:09,388 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:09,388 INFO L85 PathProgramCache]: Analyzing trace with hash 109968435, now seen corresponding path program 1 times [2025-03-03 14:26:09,388 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:09,388 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [804302577] [2025-03-03 14:26:09,388 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:09,388 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:09,411 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 156 statements into 1 equivalence classes. [2025-03-03 14:26:09,420 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 156 of 156 statements. [2025-03-03 14:26:09,420 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:09,420 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:09,556 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:09,556 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:09,556 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [804302577] [2025-03-03 14:26:09,557 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [804302577] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:09,557 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [965102502] [2025-03-03 14:26:09,557 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:09,557 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:09,557 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:09,559 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:09,560 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:26:09,711 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 156 statements into 1 equivalence classes. [2025-03-03 14:26:09,812 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 156 of 156 statements. [2025-03-03 14:26:09,812 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:09,812 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:09,819 INFO L256 TraceCheckSpWp]: Trace formula consists of 1220 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:26:09,824 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:09,867 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2025-03-03 14:26:09,867 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:09,867 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [965102502] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:09,867 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:09,867 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:26:09,867 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1052637336] [2025-03-03 14:26:09,867 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:09,867 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:09,867 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:09,868 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:09,868 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:26:09,868 INFO L87 Difference]: Start difference. First operand 462 states and 711 transitions. Second operand has 5 states, 5 states have (on average 19.0) internal successors, (95), 5 states have internal predecessors, (95), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:26:09,923 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:09,923 INFO L93 Difference]: Finished difference Result 913 states and 1411 transitions. [2025-03-03 14:26:09,924 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:09,924 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 19.0) internal successors, (95), 5 states have internal predecessors, (95), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 3 states have call successors, (20) Word has length 156 [2025-03-03 14:26:09,924 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:09,926 INFO L225 Difference]: With dead ends: 913 [2025-03-03 14:26:09,926 INFO L226 Difference]: Without dead ends: 464 [2025-03-03 14:26:09,928 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 163 GetRequests, 154 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:26:09,928 INFO L435 NwaCegarLoop]: 588 mSDtfsCounter, 2 mSDsluCounter, 1747 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2335 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:09,928 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2335 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:09,929 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 464 states. [2025-03-03 14:26:09,938 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 464 to 464. [2025-03-03 14:26:09,939 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 464 states, 357 states have (on average 1.5658263305322129) internal successors, (559), 363 states have internal predecessors, (559), 76 states have call successors, (76), 28 states have call predecessors, (76), 30 states have return successors, (82), 74 states have call predecessors, (82), 75 states have call successors, (82) [2025-03-03 14:26:09,941 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 464 states to 464 states and 717 transitions. [2025-03-03 14:26:09,941 INFO L78 Accepts]: Start accepts. Automaton has 464 states and 717 transitions. Word has length 156 [2025-03-03 14:26:09,941 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:09,941 INFO L471 AbstractCegarLoop]: Abstraction has 464 states and 717 transitions. [2025-03-03 14:26:09,941 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 19.0) internal successors, (95), 5 states have internal predecessors, (95), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:26:09,942 INFO L276 IsEmpty]: Start isEmpty. Operand 464 states and 717 transitions. [2025-03-03 14:26:09,943 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 158 [2025-03-03 14:26:09,943 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:09,943 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:09,951 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:10,144 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:10,144 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:10,145 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:10,145 INFO L85 PathProgramCache]: Analyzing trace with hash 107776756, now seen corresponding path program 1 times [2025-03-03 14:26:10,145 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:10,145 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1255465204] [2025-03-03 14:26:10,145 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:10,145 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:10,166 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 157 statements into 1 equivalence classes. [2025-03-03 14:26:10,177 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 157 of 157 statements. [2025-03-03 14:26:10,177 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:10,177 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:10,307 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 44 trivial. 0 not checked. [2025-03-03 14:26:10,307 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:10,308 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1255465204] [2025-03-03 14:26:10,308 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1255465204] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:10,308 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:10,308 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:26:10,308 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [241573206] [2025-03-03 14:26:10,308 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:10,308 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:10,308 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:10,309 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:10,309 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:10,309 INFO L87 Difference]: Start difference. First operand 464 states and 717 transitions. Second operand has 5 states, 4 states have (on average 22.75) internal successors, (91), 5 states have internal predecessors, (91), 3 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:26:10,347 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:10,347 INFO L93 Difference]: Finished difference Result 905 states and 1402 transitions. [2025-03-03 14:26:10,348 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:10,348 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 22.75) internal successors, (91), 5 states have internal predecessors, (91), 3 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) Word has length 157 [2025-03-03 14:26:10,348 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:10,351 INFO L225 Difference]: With dead ends: 905 [2025-03-03 14:26:10,351 INFO L226 Difference]: Without dead ends: 464 [2025-03-03 14:26:10,353 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:10,354 INFO L435 NwaCegarLoop]: 591 mSDtfsCounter, 2 mSDsluCounter, 1762 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2353 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:10,354 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2353 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:10,355 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 464 states. [2025-03-03 14:26:10,372 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 464 to 464. [2025-03-03 14:26:10,373 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 464 states, 357 states have (on average 1.5658263305322129) internal successors, (559), 363 states have internal predecessors, (559), 76 states have call successors, (76), 28 states have call predecessors, (76), 30 states have return successors, (81), 74 states have call predecessors, (81), 75 states have call successors, (81) [2025-03-03 14:26:10,376 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 464 states to 464 states and 716 transitions. [2025-03-03 14:26:10,376 INFO L78 Accepts]: Start accepts. Automaton has 464 states and 716 transitions. Word has length 157 [2025-03-03 14:26:10,377 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:10,377 INFO L471 AbstractCegarLoop]: Abstraction has 464 states and 716 transitions. [2025-03-03 14:26:10,377 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 22.75) internal successors, (91), 5 states have internal predecessors, (91), 3 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:26:10,377 INFO L276 IsEmpty]: Start isEmpty. Operand 464 states and 716 transitions. [2025-03-03 14:26:10,379 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 159 [2025-03-03 14:26:10,379 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:10,379 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:10,379 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:26:10,379 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:10,379 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:10,379 INFO L85 PathProgramCache]: Analyzing trace with hash -1498272814, now seen corresponding path program 2 times [2025-03-03 14:26:10,379 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:10,379 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1207734343] [2025-03-03 14:26:10,379 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:26:10,380 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:10,402 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 158 statements into 2 equivalence classes. [2025-03-03 14:26:10,408 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) and asserted 59 of 158 statements. [2025-03-03 14:26:10,408 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2025-03-03 14:26:10,408 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:10,537 INFO L134 CoverageAnalysis]: Checked inductivity of 51 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 43 trivial. 0 not checked. [2025-03-03 14:26:10,537 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:10,537 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1207734343] [2025-03-03 14:26:10,537 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1207734343] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:10,537 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:10,537 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:26:10,537 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1925995443] [2025-03-03 14:26:10,537 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:10,538 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:26:10,538 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:10,538 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:26:10,538 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:10,539 INFO L87 Difference]: Start difference. First operand 464 states and 716 transitions. Second operand has 8 states, 8 states have (on average 11.625) internal successors, (93), 7 states have internal predecessors, (93), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 4 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:26:10,901 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:10,902 INFO L93 Difference]: Finished difference Result 1201 states and 1830 transitions. [2025-03-03 14:26:10,902 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2025-03-03 14:26:10,902 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 11.625) internal successors, (93), 7 states have internal predecessors, (93), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 4 states have call predecessors, (20), 3 states have call successors, (20) Word has length 158 [2025-03-03 14:26:10,903 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:10,910 INFO L225 Difference]: With dead ends: 1201 [2025-03-03 14:26:10,911 INFO L226 Difference]: Without dead ends: 996 [2025-03-03 14:26:10,912 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=39, Invalid=117, Unknown=0, NotChecked=0, Total=156 [2025-03-03 14:26:10,912 INFO L435 NwaCegarLoop]: 622 mSDtfsCounter, 639 mSDsluCounter, 3571 mSDsCounter, 0 mSdLazyCounter, 310 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 652 SdHoareTripleChecker+Valid, 4193 SdHoareTripleChecker+Invalid, 337 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 310 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:10,913 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [652 Valid, 4193 Invalid, 337 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 310 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2025-03-03 14:26:10,914 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 996 states. [2025-03-03 14:26:10,952 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 996 to 923. [2025-03-03 14:26:10,953 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 923 states, 712 states have (on average 1.5702247191011236) internal successors, (1118), 721 states have internal predecessors, (1118), 150 states have call successors, (150), 57 states have call predecessors, (150), 60 states have return successors, (164), 148 states have call predecessors, (164), 148 states have call successors, (164) [2025-03-03 14:26:10,958 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 923 states to 923 states and 1432 transitions. [2025-03-03 14:26:10,959 INFO L78 Accepts]: Start accepts. Automaton has 923 states and 1432 transitions. Word has length 158 [2025-03-03 14:26:10,959 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:10,959 INFO L471 AbstractCegarLoop]: Abstraction has 923 states and 1432 transitions. [2025-03-03 14:26:10,960 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 11.625) internal successors, (93), 7 states have internal predecessors, (93), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 4 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:26:10,960 INFO L276 IsEmpty]: Start isEmpty. Operand 923 states and 1432 transitions. [2025-03-03 14:26:10,963 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 141 [2025-03-03 14:26:10,963 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:10,963 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:10,963 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:26:10,963 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:10,963 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:10,965 INFO L85 PathProgramCache]: Analyzing trace with hash -933201310, now seen corresponding path program 1 times [2025-03-03 14:26:10,965 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:10,965 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1229988262] [2025-03-03 14:26:10,965 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:10,965 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:10,982 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 140 statements into 1 equivalence classes. [2025-03-03 14:26:10,989 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 140 of 140 statements. [2025-03-03 14:26:10,989 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:10,989 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:11,080 INFO L134 CoverageAnalysis]: Checked inductivity of 39 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-03 14:26:11,080 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:11,080 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1229988262] [2025-03-03 14:26:11,080 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1229988262] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:11,080 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:11,080 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:26:11,080 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1326302726] [2025-03-03 14:26:11,080 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:11,080 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:11,081 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:11,081 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:11,081 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:11,081 INFO L87 Difference]: Start difference. First operand 923 states and 1432 transitions. Second operand has 5 states, 4 states have (on average 21.75) internal successors, (87), 5 states have internal predecessors, (87), 3 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:11,149 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:11,150 INFO L93 Difference]: Finished difference Result 1815 states and 2824 transitions. [2025-03-03 14:26:11,150 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:11,150 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 21.75) internal successors, (87), 5 states have internal predecessors, (87), 3 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 3 states have call successors, (17) Word has length 140 [2025-03-03 14:26:11,150 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:11,156 INFO L225 Difference]: With dead ends: 1815 [2025-03-03 14:26:11,156 INFO L226 Difference]: Without dead ends: 927 [2025-03-03 14:26:11,158 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:11,159 INFO L435 NwaCegarLoop]: 592 mSDtfsCounter, 1 mSDsluCounter, 1764 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2356 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:11,159 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2356 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:11,160 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 927 states. [2025-03-03 14:26:11,191 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 927 to 927. [2025-03-03 14:26:11,193 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 927 states, 714 states have (on average 1.5686274509803921) internal successors, (1120), 725 states have internal predecessors, (1120), 150 states have call successors, (150), 57 states have call predecessors, (150), 62 states have return successors, (167), 148 states have call predecessors, (167), 148 states have call successors, (167) [2025-03-03 14:26:11,198 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 927 states to 927 states and 1437 transitions. [2025-03-03 14:26:11,199 INFO L78 Accepts]: Start accepts. Automaton has 927 states and 1437 transitions. Word has length 140 [2025-03-03 14:26:11,199 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:11,199 INFO L471 AbstractCegarLoop]: Abstraction has 927 states and 1437 transitions. [2025-03-03 14:26:11,199 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 21.75) internal successors, (87), 5 states have internal predecessors, (87), 3 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:11,199 INFO L276 IsEmpty]: Start isEmpty. Operand 927 states and 1437 transitions. [2025-03-03 14:26:11,203 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 142 [2025-03-03 14:26:11,203 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:11,203 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:11,203 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:26:11,203 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:11,204 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:11,204 INFO L85 PathProgramCache]: Analyzing trace with hash 1874424455, now seen corresponding path program 1 times [2025-03-03 14:26:11,204 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:11,204 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2139796410] [2025-03-03 14:26:11,204 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:11,204 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:11,222 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 141 statements into 1 equivalence classes. [2025-03-03 14:26:11,228 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 141 of 141 statements. [2025-03-03 14:26:11,228 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:11,228 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:11,323 INFO L134 CoverageAnalysis]: Checked inductivity of 39 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2025-03-03 14:26:11,324 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:11,324 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2139796410] [2025-03-03 14:26:11,324 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2139796410] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:11,324 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:11,324 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:26:11,324 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [864920382] [2025-03-03 14:26:11,324 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:11,325 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:26:11,325 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:11,325 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:26:11,325 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:11,325 INFO L87 Difference]: Start difference. First operand 927 states and 1437 transitions. Second operand has 8 states, 7 states have (on average 13.0) internal successors, (91), 8 states have internal predecessors, (91), 4 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 3 states have call predecessors, (17), 4 states have call successors, (17) [2025-03-03 14:26:11,448 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:11,449 INFO L93 Difference]: Finished difference Result 1813 states and 2816 transitions. [2025-03-03 14:26:11,449 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-03 14:26:11,449 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 13.0) internal successors, (91), 8 states have internal predecessors, (91), 4 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 3 states have call predecessors, (17), 4 states have call successors, (17) Word has length 141 [2025-03-03 14:26:11,449 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:11,454 INFO L225 Difference]: With dead ends: 1813 [2025-03-03 14:26:11,454 INFO L226 Difference]: Without dead ends: 931 [2025-03-03 14:26:11,456 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2025-03-03 14:26:11,457 INFO L435 NwaCegarLoop]: 582 mSDtfsCounter, 7 mSDsluCounter, 3463 mSDsCounter, 0 mSdLazyCounter, 145 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 8 SdHoareTripleChecker+Valid, 4045 SdHoareTripleChecker+Invalid, 149 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 145 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:11,457 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [8 Valid, 4045 Invalid, 149 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 145 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:26:11,458 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 931 states. [2025-03-03 14:26:11,485 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 931 to 929. [2025-03-03 14:26:11,499 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 929 states, 716 states have (on average 1.5670391061452513) internal successors, (1122), 726 states have internal predecessors, (1122), 150 states have call successors, (150), 58 states have call predecessors, (150), 62 states have return successors, (165), 148 states have call predecessors, (165), 148 states have call successors, (165) [2025-03-03 14:26:11,504 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 929 states to 929 states and 1437 transitions. [2025-03-03 14:26:11,504 INFO L78 Accepts]: Start accepts. Automaton has 929 states and 1437 transitions. Word has length 141 [2025-03-03 14:26:11,504 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:11,504 INFO L471 AbstractCegarLoop]: Abstraction has 929 states and 1437 transitions. [2025-03-03 14:26:11,505 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 13.0) internal successors, (91), 8 states have internal predecessors, (91), 4 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 3 states have call predecessors, (17), 4 states have call successors, (17) [2025-03-03 14:26:11,505 INFO L276 IsEmpty]: Start isEmpty. Operand 929 states and 1437 transitions. [2025-03-03 14:26:11,508 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 162 [2025-03-03 14:26:11,508 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:11,508 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:11,508 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:26:11,508 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:11,508 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:11,508 INFO L85 PathProgramCache]: Analyzing trace with hash -1983781607, now seen corresponding path program 1 times [2025-03-03 14:26:11,508 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:11,508 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1377850904] [2025-03-03 14:26:11,508 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:11,508 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:11,529 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 161 statements into 1 equivalence classes. [2025-03-03 14:26:11,534 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 161 of 161 statements. [2025-03-03 14:26:11,534 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:11,534 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:11,652 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:11,652 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:11,652 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1377850904] [2025-03-03 14:26:11,652 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1377850904] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:11,652 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:11,653 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:26:11,653 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1827964356] [2025-03-03 14:26:11,653 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:11,653 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:26:11,653 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:11,653 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:26:11,653 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:11,653 INFO L87 Difference]: Start difference. First operand 929 states and 1437 transitions. Second operand has 8 states, 7 states have (on average 14.142857142857142) internal successors, (99), 8 states have internal predecessors, (99), 4 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 4 states have call successors, (20) [2025-03-03 14:26:11,775 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:11,775 INFO L93 Difference]: Finished difference Result 1827 states and 2836 transitions. [2025-03-03 14:26:11,775 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-03 14:26:11,775 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 14.142857142857142) internal successors, (99), 8 states have internal predecessors, (99), 4 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 4 states have call successors, (20) Word has length 161 [2025-03-03 14:26:11,776 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:11,780 INFO L225 Difference]: With dead ends: 1827 [2025-03-03 14:26:11,780 INFO L226 Difference]: Without dead ends: 939 [2025-03-03 14:26:11,782 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2025-03-03 14:26:11,783 INFO L435 NwaCegarLoop]: 584 mSDtfsCounter, 5 mSDsluCounter, 3475 mSDsCounter, 0 mSdLazyCounter, 158 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 6 SdHoareTripleChecker+Valid, 4059 SdHoareTripleChecker+Invalid, 163 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 158 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:11,783 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [6 Valid, 4059 Invalid, 163 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 158 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:26:11,784 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 939 states. [2025-03-03 14:26:11,810 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 939 to 937. [2025-03-03 14:26:11,811 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 937 states, 722 states have (on average 1.5623268698060941) internal successors, (1128), 733 states have internal predecessors, (1128), 150 states have call successors, (150), 59 states have call predecessors, (150), 64 states have return successors, (172), 148 states have call predecessors, (172), 148 states have call successors, (172) [2025-03-03 14:26:11,816 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 937 states to 937 states and 1450 transitions. [2025-03-03 14:26:11,817 INFO L78 Accepts]: Start accepts. Automaton has 937 states and 1450 transitions. Word has length 161 [2025-03-03 14:26:11,817 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:11,817 INFO L471 AbstractCegarLoop]: Abstraction has 937 states and 1450 transitions. [2025-03-03 14:26:11,817 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 14.142857142857142) internal successors, (99), 8 states have internal predecessors, (99), 4 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 4 states have call successors, (20) [2025-03-03 14:26:11,817 INFO L276 IsEmpty]: Start isEmpty. Operand 937 states and 1450 transitions. [2025-03-03 14:26:11,821 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 163 [2025-03-03 14:26:11,821 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:11,821 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:11,821 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2025-03-03 14:26:11,821 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:11,821 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:11,822 INFO L85 PathProgramCache]: Analyzing trace with hash 1811199215, now seen corresponding path program 1 times [2025-03-03 14:26:11,822 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:11,822 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [534756401] [2025-03-03 14:26:11,822 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:11,822 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:11,837 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 162 statements into 1 equivalence classes. [2025-03-03 14:26:11,856 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 162 of 162 statements. [2025-03-03 14:26:11,856 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:11,856 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:11,922 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:11,922 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:11,922 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [534756401] [2025-03-03 14:26:11,922 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [534756401] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:11,922 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [50508917] [2025-03-03 14:26:11,922 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:11,922 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:11,922 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:11,924 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:11,925 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:26:12,065 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 162 statements into 1 equivalence classes. [2025-03-03 14:26:12,159 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 162 of 162 statements. [2025-03-03 14:26:12,160 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:12,160 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:12,164 INFO L256 TraceCheckSpWp]: Trace formula consists of 1226 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:26:12,169 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:12,188 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:12,188 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:26:12,275 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:12,275 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [50508917] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:26:12,275 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:26:12,275 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-03 14:26:12,276 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2021424130] [2025-03-03 14:26:12,276 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:26:12,276 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-03 14:26:12,276 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:12,277 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-03 14:26:12,277 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:26:12,277 INFO L87 Difference]: Start difference. First operand 937 states and 1450 transitions. Second operand has 7 states, 7 states have (on average 19.857142857142858) internal successors, (139), 7 states have internal predecessors, (139), 2 states have call successors, (37), 2 states have call predecessors, (37), 2 states have return successors, (34), 2 states have call predecessors, (34), 2 states have call successors, (34) [2025-03-03 14:26:12,427 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:12,427 INFO L93 Difference]: Finished difference Result 2185 states and 3507 transitions. [2025-03-03 14:26:12,428 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:26:12,428 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 19.857142857142858) internal successors, (139), 7 states have internal predecessors, (139), 2 states have call successors, (37), 2 states have call predecessors, (37), 2 states have return successors, (34), 2 states have call predecessors, (34), 2 states have call successors, (34) Word has length 162 [2025-03-03 14:26:12,428 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:12,437 INFO L225 Difference]: With dead ends: 2185 [2025-03-03 14:26:12,437 INFO L226 Difference]: Without dead ends: 1761 [2025-03-03 14:26:12,439 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 326 GetRequests, 321 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:26:12,439 INFO L435 NwaCegarLoop]: 622 mSDtfsCounter, 372 mSDsluCounter, 2116 mSDsCounter, 0 mSdLazyCounter, 91 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 426 SdHoareTripleChecker+Valid, 2738 SdHoareTripleChecker+Invalid, 92 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 91 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:12,439 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [426 Valid, 2738 Invalid, 92 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 91 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:26:12,441 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1761 states. [2025-03-03 14:26:12,506 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1761 to 1713. [2025-03-03 14:26:12,509 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1713 states, 1340 states have (on average 1.6298507462686567) internal successors, (2184), 1351 states have internal predecessors, (2184), 308 states have call successors, (308), 59 states have call predecessors, (308), 64 states have return successors, (355), 306 states have call predecessors, (355), 306 states have call successors, (355) [2025-03-03 14:26:12,517 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1713 states to 1713 states and 2847 transitions. [2025-03-03 14:26:12,518 INFO L78 Accepts]: Start accepts. Automaton has 1713 states and 2847 transitions. Word has length 162 [2025-03-03 14:26:12,519 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:12,519 INFO L471 AbstractCegarLoop]: Abstraction has 1713 states and 2847 transitions. [2025-03-03 14:26:12,519 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 19.857142857142858) internal successors, (139), 7 states have internal predecessors, (139), 2 states have call successors, (37), 2 states have call predecessors, (37), 2 states have return successors, (34), 2 states have call predecessors, (34), 2 states have call successors, (34) [2025-03-03 14:26:12,519 INFO L276 IsEmpty]: Start isEmpty. Operand 1713 states and 2847 transitions. [2025-03-03 14:26:12,526 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 150 [2025-03-03 14:26:12,526 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:12,526 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:12,534 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:12,727 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:12,727 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:12,727 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:12,728 INFO L85 PathProgramCache]: Analyzing trace with hash 905256202, now seen corresponding path program 1 times [2025-03-03 14:26:12,728 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:12,728 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1082820609] [2025-03-03 14:26:12,728 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:12,728 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:12,744 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 149 statements into 1 equivalence classes. [2025-03-03 14:26:12,751 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 149 of 149 statements. [2025-03-03 14:26:12,752 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:12,752 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:12,785 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:12,785 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:12,786 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1082820609] [2025-03-03 14:26:12,786 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1082820609] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:12,786 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:12,786 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:12,786 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1416221622] [2025-03-03 14:26:12,786 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:12,787 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:12,787 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:12,787 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:12,787 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:12,788 INFO L87 Difference]: Start difference. First operand 1713 states and 2847 transitions. Second operand has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:12,854 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:12,854 INFO L93 Difference]: Finished difference Result 4085 states and 6898 transitions. [2025-03-03 14:26:12,855 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:12,855 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) Word has length 149 [2025-03-03 14:26:12,855 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:12,867 INFO L225 Difference]: With dead ends: 4085 [2025-03-03 14:26:12,867 INFO L226 Difference]: Without dead ends: 2499 [2025-03-03 14:26:12,873 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:12,873 INFO L435 NwaCegarLoop]: 619 mSDtfsCounter, 124 mSDsluCounter, 596 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1215 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:12,873 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1215 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:12,875 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2499 states. [2025-03-03 14:26:12,973 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2499 to 2483. [2025-03-03 14:26:12,977 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2483 states, 1952 states have (on average 1.646516393442623) internal successors, (3214), 1963 states have internal predecessors, (3214), 466 states have call successors, (466), 59 states have call predecessors, (466), 64 states have return successors, (538), 464 states have call predecessors, (538), 464 states have call successors, (538) [2025-03-03 14:26:12,990 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2483 states to 2483 states and 4218 transitions. [2025-03-03 14:26:12,992 INFO L78 Accepts]: Start accepts. Automaton has 2483 states and 4218 transitions. Word has length 149 [2025-03-03 14:26:12,993 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:12,993 INFO L471 AbstractCegarLoop]: Abstraction has 2483 states and 4218 transitions. [2025-03-03 14:26:12,993 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 31.333333333333332) internal successors, (94), 3 states have internal predecessors, (94), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:12,993 INFO L276 IsEmpty]: Start isEmpty. Operand 2483 states and 4218 transitions. [2025-03-03 14:26:13,005 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 170 [2025-03-03 14:26:13,006 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:13,006 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:13,006 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-03 14:26:13,006 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:13,007 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:13,007 INFO L85 PathProgramCache]: Analyzing trace with hash -353130986, now seen corresponding path program 1 times [2025-03-03 14:26:13,007 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:13,007 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [282542069] [2025-03-03 14:26:13,008 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:13,008 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:13,033 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 169 statements into 1 equivalence classes. [2025-03-03 14:26:13,042 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 169 of 169 statements. [2025-03-03 14:26:13,042 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:13,043 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:13,084 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:13,084 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:13,084 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [282542069] [2025-03-03 14:26:13,084 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [282542069] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:13,084 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:13,084 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:13,084 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [322281962] [2025-03-03 14:26:13,084 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:13,085 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:13,085 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:13,086 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:13,086 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:13,086 INFO L87 Difference]: Start difference. First operand 2483 states and 4218 transitions. Second operand has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:13,177 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:13,178 INFO L93 Difference]: Finished difference Result 5961 states and 10217 transitions. [2025-03-03 14:26:13,178 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:13,179 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 169 [2025-03-03 14:26:13,179 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:13,198 INFO L225 Difference]: With dead ends: 5961 [2025-03-03 14:26:13,198 INFO L226 Difference]: Without dead ends: 3707 [2025-03-03 14:26:13,206 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:13,207 INFO L435 NwaCegarLoop]: 599 mSDtfsCounter, 122 mSDsluCounter, 591 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1190 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:13,208 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1190 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:13,211 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 3707 states. [2025-03-03 14:26:13,333 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 3707 to 3691. [2025-03-03 14:26:13,339 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3691 states, 2922 states have (on average 1.6577686516084873) internal successors, (4844), 2933 states have internal predecessors, (4844), 704 states have call successors, (704), 59 states have call predecessors, (704), 64 states have return successors, (792), 702 states have call predecessors, (792), 702 states have call successors, (792) [2025-03-03 14:26:13,352 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3691 states to 3691 states and 6340 transitions. [2025-03-03 14:26:13,354 INFO L78 Accepts]: Start accepts. Automaton has 3691 states and 6340 transitions. Word has length 169 [2025-03-03 14:26:13,354 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:13,354 INFO L471 AbstractCegarLoop]: Abstraction has 3691 states and 6340 transitions. [2025-03-03 14:26:13,354 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:13,354 INFO L276 IsEmpty]: Start isEmpty. Operand 3691 states and 6340 transitions. [2025-03-03 14:26:13,373 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 171 [2025-03-03 14:26:13,373 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:13,373 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:13,374 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-03 14:26:13,374 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:13,374 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:13,374 INFO L85 PathProgramCache]: Analyzing trace with hash 1181304912, now seen corresponding path program 1 times [2025-03-03 14:26:13,374 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:13,374 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [440688856] [2025-03-03 14:26:13,374 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:13,374 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:13,394 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 170 statements into 1 equivalence classes. [2025-03-03 14:26:13,400 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 170 of 170 statements. [2025-03-03 14:26:13,400 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:13,400 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:13,430 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:13,430 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:13,430 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [440688856] [2025-03-03 14:26:13,430 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [440688856] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:13,431 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:13,431 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:13,431 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [478938858] [2025-03-03 14:26:13,431 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:13,431 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:13,431 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:13,431 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:13,431 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:13,432 INFO L87 Difference]: Start difference. First operand 3691 states and 6340 transitions. Second operand has 3 states, 3 states have (on average 34.333333333333336) internal successors, (103), 3 states have internal predecessors, (103), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:13,569 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:13,569 INFO L93 Difference]: Finished difference Result 8775 states and 15215 transitions. [2025-03-03 14:26:13,570 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:13,570 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.333333333333336) internal successors, (103), 3 states have internal predecessors, (103), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 170 [2025-03-03 14:26:13,570 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:13,593 INFO L225 Difference]: With dead ends: 8775 [2025-03-03 14:26:13,593 INFO L226 Difference]: Without dead ends: 5557 [2025-03-03 14:26:13,600 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:13,601 INFO L435 NwaCegarLoop]: 597 mSDtfsCounter, 120 mSDsluCounter, 588 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1185 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:13,601 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1185 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:13,605 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 5557 states. [2025-03-03 14:26:13,758 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 5557 to 5541. [2025-03-03 14:26:13,770 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5541 states, 4448 states have (on average 1.66681654676259) internal successors, (7414), 4459 states have internal predecessors, (7414), 1028 states have call successors, (1028), 59 states have call predecessors, (1028), 64 states have return successors, (1166), 1026 states have call predecessors, (1166), 1026 states have call successors, (1166) [2025-03-03 14:26:13,793 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5541 states to 5541 states and 9608 transitions. [2025-03-03 14:26:13,797 INFO L78 Accepts]: Start accepts. Automaton has 5541 states and 9608 transitions. Word has length 170 [2025-03-03 14:26:13,797 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:13,797 INFO L471 AbstractCegarLoop]: Abstraction has 5541 states and 9608 transitions. [2025-03-03 14:26:13,797 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.333333333333336) internal successors, (103), 3 states have internal predecessors, (103), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:13,797 INFO L276 IsEmpty]: Start isEmpty. Operand 5541 states and 9608 transitions. [2025-03-03 14:26:13,819 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 172 [2025-03-03 14:26:13,820 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:13,820 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:13,820 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:26:13,820 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:13,820 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:13,820 INFO L85 PathProgramCache]: Analyzing trace with hash -1376189259, now seen corresponding path program 1 times [2025-03-03 14:26:13,820 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:13,820 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [39652970] [2025-03-03 14:26:13,820 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:13,821 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:13,837 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 171 statements into 1 equivalence classes. [2025-03-03 14:26:13,862 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 171 of 171 statements. [2025-03-03 14:26:13,862 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:13,862 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:13,891 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:13,892 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:13,892 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [39652970] [2025-03-03 14:26:13,892 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [39652970] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:13,892 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:13,892 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:13,892 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [575481708] [2025-03-03 14:26:13,892 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:13,892 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:13,892 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:13,893 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:13,893 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:13,893 INFO L87 Difference]: Start difference. First operand 5541 states and 9608 transitions. Second operand has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:14,042 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:14,042 INFO L93 Difference]: Finished difference Result 13211 states and 23109 transitions. [2025-03-03 14:26:14,043 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:14,043 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 171 [2025-03-03 14:26:14,043 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:14,120 INFO L225 Difference]: With dead ends: 13211 [2025-03-03 14:26:14,120 INFO L226 Difference]: Without dead ends: 8543 [2025-03-03 14:26:14,132 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:14,132 INFO L435 NwaCegarLoop]: 604 mSDtfsCounter, 118 mSDsluCounter, 589 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1193 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:14,132 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1193 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:14,139 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 8543 states. [2025-03-03 14:26:14,443 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 8543 to 8527. [2025-03-03 14:26:14,465 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 8527 states, 6944 states have (on average 1.6733870967741935) internal successors, (11620), 6955 states have internal predecessors, (11620), 1518 states have call successors, (1518), 59 states have call predecessors, (1518), 64 states have return successors, (1739), 1516 states have call predecessors, (1739), 1516 states have call successors, (1739) [2025-03-03 14:26:14,505 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 8527 states to 8527 states and 14877 transitions. [2025-03-03 14:26:14,509 INFO L78 Accepts]: Start accepts. Automaton has 8527 states and 14877 transitions. Word has length 171 [2025-03-03 14:26:14,509 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:14,509 INFO L471 AbstractCegarLoop]: Abstraction has 8527 states and 14877 transitions. [2025-03-03 14:26:14,510 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:14,510 INFO L276 IsEmpty]: Start isEmpty. Operand 8527 states and 14877 transitions. [2025-03-03 14:26:14,545 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 154 [2025-03-03 14:26:14,545 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:14,545 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:14,546 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:26:14,546 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:14,546 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:14,546 INFO L85 PathProgramCache]: Analyzing trace with hash -554776088, now seen corresponding path program 1 times [2025-03-03 14:26:14,546 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:14,546 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1808202719] [2025-03-03 14:26:14,546 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:14,546 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:14,562 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 153 statements into 1 equivalence classes. [2025-03-03 14:26:14,567 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 153 of 153 statements. [2025-03-03 14:26:14,567 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:14,567 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:14,593 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:14,593 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:14,593 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1808202719] [2025-03-03 14:26:14,593 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1808202719] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:14,593 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:14,594 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:14,594 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [313724130] [2025-03-03 14:26:14,594 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:14,594 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:14,594 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:14,595 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:14,595 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:14,595 INFO L87 Difference]: Start difference. First operand 8527 states and 14877 transitions. Second operand has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:14,842 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:14,842 INFO L93 Difference]: Finished difference Result 21131 states and 37112 transitions. [2025-03-03 14:26:14,842 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:14,843 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) Word has length 153 [2025-03-03 14:26:14,843 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:14,898 INFO L225 Difference]: With dead ends: 21131 [2025-03-03 14:26:14,898 INFO L226 Difference]: Without dead ends: 13931 [2025-03-03 14:26:14,928 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:14,928 INFO L435 NwaCegarLoop]: 601 mSDtfsCounter, 116 mSDsluCounter, 593 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1194 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:14,929 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1194 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:14,941 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 13931 states. [2025-03-03 14:26:15,366 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 13931 to 13915. [2025-03-03 14:26:15,385 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 13915 states, 11346 states have (on average 1.670368411775075) internal successors, (18952), 11357 states have internal predecessors, (18952), 2504 states have call successors, (2504), 59 states have call predecessors, (2504), 64 states have return successors, (2869), 2502 states have call predecessors, (2869), 2502 states have call successors, (2869) [2025-03-03 14:26:15,429 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 13915 states to 13915 states and 24325 transitions. [2025-03-03 14:26:15,435 INFO L78 Accepts]: Start accepts. Automaton has 13915 states and 24325 transitions. Word has length 153 [2025-03-03 14:26:15,435 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:15,436 INFO L471 AbstractCegarLoop]: Abstraction has 13915 states and 24325 transitions. [2025-03-03 14:26:15,436 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:15,436 INFO L276 IsEmpty]: Start isEmpty. Operand 13915 states and 24325 transitions. [2025-03-03 14:26:15,483 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 155 [2025-03-03 14:26:15,483 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:15,484 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:15,484 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:26:15,484 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:15,484 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:15,484 INFO L85 PathProgramCache]: Analyzing trace with hash -830453339, now seen corresponding path program 1 times [2025-03-03 14:26:15,484 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:15,485 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [709343948] [2025-03-03 14:26:15,485 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:15,485 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:15,499 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 154 statements into 1 equivalence classes. [2025-03-03 14:26:15,507 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 154 of 154 statements. [2025-03-03 14:26:15,507 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:15,507 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:15,536 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:15,536 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:15,536 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [709343948] [2025-03-03 14:26:15,536 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [709343948] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:15,536 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:15,537 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:15,537 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [538746472] [2025-03-03 14:26:15,537 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:15,537 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:15,537 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:15,538 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:15,538 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:15,539 INFO L87 Difference]: Start difference. First operand 13915 states and 24325 transitions. Second operand has 3 states, 3 states have (on average 33.0) internal successors, (99), 3 states have internal predecessors, (99), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:16,070 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:16,071 INFO L93 Difference]: Finished difference Result 35201 states and 61896 transitions. [2025-03-03 14:26:16,071 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:16,071 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 33.0) internal successors, (99), 3 states have internal predecessors, (99), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) Word has length 154 [2025-03-03 14:26:16,071 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:16,184 INFO L225 Difference]: With dead ends: 35201 [2025-03-03 14:26:16,185 INFO L226 Difference]: Without dead ends: 23355 [2025-03-03 14:26:16,229 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:16,229 INFO L435 NwaCegarLoop]: 601 mSDtfsCounter, 114 mSDsluCounter, 591 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 132 SdHoareTripleChecker+Valid, 1192 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:16,229 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [132 Valid, 1192 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:16,253 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 23355 states. [2025-03-03 14:26:17,002 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 23355 to 23339. [2025-03-03 14:26:17,038 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 23339 states, 19126 states have (on average 1.6712328767123288) internal successors, (31964), 19137 states have internal predecessors, (31964), 4148 states have call successors, (4148), 59 states have call predecessors, (4148), 64 states have return successors, (4702), 4146 states have call predecessors, (4702), 4146 states have call successors, (4702) [2025-03-03 14:26:17,111 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 23339 states to 23339 states and 40814 transitions. [2025-03-03 14:26:17,122 INFO L78 Accepts]: Start accepts. Automaton has 23339 states and 40814 transitions. Word has length 154 [2025-03-03 14:26:17,122 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:17,122 INFO L471 AbstractCegarLoop]: Abstraction has 23339 states and 40814 transitions. [2025-03-03 14:26:17,123 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 33.0) internal successors, (99), 3 states have internal predecessors, (99), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:17,123 INFO L276 IsEmpty]: Start isEmpty. Operand 23339 states and 40814 transitions. [2025-03-03 14:26:17,189 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 156 [2025-03-03 14:26:17,189 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:17,189 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:17,189 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:26:17,190 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:17,191 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:17,191 INFO L85 PathProgramCache]: Analyzing trace with hash -1288303481, now seen corresponding path program 1 times [2025-03-03 14:26:17,191 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:17,191 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2037018193] [2025-03-03 14:26:17,191 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:17,191 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:17,205 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 155 statements into 1 equivalence classes. [2025-03-03 14:26:17,211 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 155 of 155 statements. [2025-03-03 14:26:17,211 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:17,211 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:17,237 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:17,237 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:17,237 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2037018193] [2025-03-03 14:26:17,237 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2037018193] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:17,237 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:17,238 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:17,238 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1103069724] [2025-03-03 14:26:17,238 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:17,239 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:17,240 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:17,240 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:17,240 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:17,240 INFO L87 Difference]: Start difference. First operand 23339 states and 40814 transitions. Second operand has 3 states, 3 states have (on average 33.333333333333336) internal successors, (100), 3 states have internal predecessors, (100), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:17,929 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:17,929 INFO L93 Difference]: Finished difference Result 55663 states and 97356 transitions. [2025-03-03 14:26:17,930 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:17,930 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 33.333333333333336) internal successors, (100), 3 states have internal predecessors, (100), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) Word has length 155 [2025-03-03 14:26:17,930 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:18,068 INFO L225 Difference]: With dead ends: 55663 [2025-03-03 14:26:18,069 INFO L226 Difference]: Without dead ends: 36267 [2025-03-03 14:26:18,105 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:18,106 INFO L435 NwaCegarLoop]: 597 mSDtfsCounter, 112 mSDsluCounter, 563 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 1160 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:18,106 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 1160 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:18,130 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 36267 states. [2025-03-03 14:26:19,265 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 36267 to 36251. [2025-03-03 14:26:19,314 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 36251 states, 29632 states have (on average 1.6476106911447084) internal successors, (48822), 29643 states have internal predecessors, (48822), 6554 states have call successors, (6554), 59 states have call predecessors, (6554), 64 states have return successors, (7533), 6552 states have call predecessors, (7533), 6552 states have call successors, (7533) [2025-03-03 14:26:19,455 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 36251 states to 36251 states and 62909 transitions. [2025-03-03 14:26:19,474 INFO L78 Accepts]: Start accepts. Automaton has 36251 states and 62909 transitions. Word has length 155 [2025-03-03 14:26:19,475 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:19,475 INFO L471 AbstractCegarLoop]: Abstraction has 36251 states and 62909 transitions. [2025-03-03 14:26:19,475 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 33.333333333333336) internal successors, (100), 3 states have internal predecessors, (100), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:19,475 INFO L276 IsEmpty]: Start isEmpty. Operand 36251 states and 62909 transitions. [2025-03-03 14:26:19,580 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 176 [2025-03-03 14:26:19,580 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:19,580 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:19,580 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:26:19,580 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:19,581 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:19,581 INFO L85 PathProgramCache]: Analyzing trace with hash -43718989, now seen corresponding path program 1 times [2025-03-03 14:26:19,581 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:19,581 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [951522207] [2025-03-03 14:26:19,581 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:19,582 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:19,602 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 175 statements into 1 equivalence classes. [2025-03-03 14:26:19,611 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 175 of 175 statements. [2025-03-03 14:26:19,611 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:19,611 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:19,650 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:19,651 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:19,651 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [951522207] [2025-03-03 14:26:19,651 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [951522207] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:19,651 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:19,651 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:19,651 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1200573182] [2025-03-03 14:26:19,651 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:19,652 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:19,652 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:19,652 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:19,652 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:19,653 INFO L87 Difference]: Start difference. First operand 36251 states and 62909 transitions. Second operand has 3 states, 3 states have (on average 36.0) internal successors, (108), 3 states have internal predecessors, (108), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:21,167 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:21,167 INFO L93 Difference]: Finished difference Result 95717 states and 166897 transitions. [2025-03-03 14:26:21,168 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:21,168 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 36.0) internal successors, (108), 3 states have internal predecessors, (108), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 175 [2025-03-03 14:26:21,168 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:21,425 INFO L225 Difference]: With dead ends: 95717 [2025-03-03 14:26:21,425 INFO L226 Difference]: Without dead ends: 64607 [2025-03-03 14:26:21,491 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:21,491 INFO L435 NwaCegarLoop]: 597 mSDtfsCounter, 110 mSDsluCounter, 591 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1188 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:21,492 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1188 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:21,529 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64607 states. [2025-03-03 14:26:23,245 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64607 to 64591. [2025-03-03 14:26:23,324 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64591 states, 53072 states have (on average 1.6450105517033464) internal successors, (87304), 53083 states have internal predecessors, (87304), 11454 states have call successors, (11454), 59 states have call predecessors, (11454), 64 states have return successors, (13247), 11452 states have call predecessors, (13247), 11452 states have call successors, (13247) [2025-03-03 14:26:23,597 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64591 states to 64591 states and 112005 transitions. [2025-03-03 14:26:23,633 INFO L78 Accepts]: Start accepts. Automaton has 64591 states and 112005 transitions. Word has length 175 [2025-03-03 14:26:23,634 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:23,634 INFO L471 AbstractCegarLoop]: Abstraction has 64591 states and 112005 transitions. [2025-03-03 14:26:23,634 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 36.0) internal successors, (108), 3 states have internal predecessors, (108), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:23,634 INFO L276 IsEmpty]: Start isEmpty. Operand 64591 states and 112005 transitions. [2025-03-03 14:26:23,795 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 177 [2025-03-03 14:26:23,796 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:23,796 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:23,796 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:26:23,796 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:23,796 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:23,796 INFO L85 PathProgramCache]: Analyzing trace with hash -285046317, now seen corresponding path program 1 times [2025-03-03 14:26:23,796 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:23,797 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [299109287] [2025-03-03 14:26:23,797 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:23,797 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:23,817 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 176 statements into 1 equivalence classes. [2025-03-03 14:26:23,825 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 176 of 176 statements. [2025-03-03 14:26:23,825 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:23,825 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:23,870 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:23,870 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:23,870 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [299109287] [2025-03-03 14:26:23,870 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [299109287] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:23,870 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:23,870 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:23,871 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [704754611] [2025-03-03 14:26:23,871 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:23,871 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:23,872 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:23,872 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:23,872 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:23,873 INFO L87 Difference]: Start difference. First operand 64591 states and 112005 transitions. Second operand has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:26,531 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:26,531 INFO L93 Difference]: Finished difference Result 175951 states and 305761 transitions. [2025-03-03 14:26:26,532 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:26,532 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 176 [2025-03-03 14:26:26,532 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:27,087 INFO L225 Difference]: With dead ends: 175951 [2025-03-03 14:26:27,087 INFO L226 Difference]: Without dead ends: 118235 [2025-03-03 14:26:27,442 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:27,444 INFO L435 NwaCegarLoop]: 597 mSDtfsCounter, 108 mSDsluCounter, 591 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 1188 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:27,445 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 1188 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:27,524 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 118235 states. [2025-03-03 14:26:31,599 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 118235 to 118219. [2025-03-03 14:26:31,719 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 118219 states, 97674 states have (on average 1.6412146528247027) internal successors, (160304), 97685 states have internal predecessors, (160304), 20480 states have call successors, (20480), 59 states have call predecessors, (20480), 64 states have return successors, (23337), 20478 states have call predecessors, (23337), 20478 states have call successors, (23337) [2025-03-03 14:26:32,215 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118219 states to 118219 states and 204121 transitions. [2025-03-03 14:26:32,267 INFO L78 Accepts]: Start accepts. Automaton has 118219 states and 204121 transitions. Word has length 176 [2025-03-03 14:26:32,267 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:32,267 INFO L471 AbstractCegarLoop]: Abstraction has 118219 states and 204121 transitions. [2025-03-03 14:26:32,268 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:32,268 INFO L276 IsEmpty]: Start isEmpty. Operand 118219 states and 204121 transitions. [2025-03-03 14:26:32,481 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 178 [2025-03-03 14:26:32,481 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:32,481 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:32,481 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:26:32,482 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:32,482 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:32,482 INFO L85 PathProgramCache]: Analyzing trace with hash -892619598, now seen corresponding path program 1 times [2025-03-03 14:26:32,482 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:32,483 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [935991516] [2025-03-03 14:26:32,483 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:32,483 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:32,503 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 177 statements into 1 equivalence classes. [2025-03-03 14:26:32,510 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 177 of 177 statements. [2025-03-03 14:26:32,510 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:32,511 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:32,547 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:32,547 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:32,547 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [935991516] [2025-03-03 14:26:32,547 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [935991516] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:32,547 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:32,548 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:32,548 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1772390104] [2025-03-03 14:26:32,548 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:32,548 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:32,548 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:32,549 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:32,549 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:32,549 INFO L87 Difference]: Start difference. First operand 118219 states and 204121 transitions. Second operand has 3 states, 3 states have (on average 36.666666666666664) internal successors, (110), 3 states have internal predecessors, (110), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:36,780 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:36,781 INFO L93 Difference]: Finished difference Result 221109 states and 382752 transitions. [2025-03-03 14:26:36,781 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:36,781 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 36.666666666666664) internal successors, (110), 3 states have internal predecessors, (110), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 177 [2025-03-03 14:26:36,781 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:37,737 INFO L225 Difference]: With dead ends: 221109 [2025-03-03 14:26:37,737 INFO L226 Difference]: Without dead ends: 220685 [2025-03-03 14:26:37,853 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:37,854 INFO L435 NwaCegarLoop]: 606 mSDtfsCounter, 103 mSDsluCounter, 596 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 1202 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:37,855 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 1202 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:38,009 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 220685 states.