./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec7_product34.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec7_product34.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 5f7b52dfa978a30892cebb35c28a84cc12db47d20591a31b18d58060a0678455 --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:26:09,147 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:26:09,202 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:26:09,211 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:26:09,211 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:26:09,234 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:26:09,235 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:26:09,235 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:26:09,236 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:26:09,236 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:26:09,236 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:26:09,236 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:26:09,236 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:26:09,237 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:26:09,237 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:26:09,237 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:26:09,238 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:26:09,238 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:26:09,238 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:26:09,238 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:26:09,238 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:26:09,238 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:26:09,238 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:26:09,238 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:26:09,238 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:26:09,238 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:26:09,238 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 5f7b52dfa978a30892cebb35c28a84cc12db47d20591a31b18d58060a0678455 [2025-03-03 14:26:09,439 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:26:09,447 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:26:09,449 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:26:09,449 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:26:09,450 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:26:09,450 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec7_product34.cil.c [2025-03-03 14:26:10,668 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/eb2b971b4/4dfe3d64fbc846a28fd51b5e8abe4a32/FLAGffd082bca [2025-03-03 14:26:10,983 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:26:10,985 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec7_product34.cil.c [2025-03-03 14:26:11,014 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/eb2b971b4/4dfe3d64fbc846a28fd51b5e8abe4a32/FLAGffd082bca [2025-03-03 14:26:11,036 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/eb2b971b4/4dfe3d64fbc846a28fd51b5e8abe4a32 [2025-03-03 14:26:11,039 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:26:11,040 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:26:11,042 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:26:11,042 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:26:11,047 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:26:11,048 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,048 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6ae8d271 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11, skipping insertion in model container [2025-03-03 14:26:11,049 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,096 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:26:11,282 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec7_product34.cil.c[10988,11001] [2025-03-03 14:26:11,472 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:26:11,490 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:26:11,496 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [48] [2025-03-03 14:26:11,497 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [380] [2025-03-03 14:26:11,497 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EncryptVerify_spec.i","") [528] [2025-03-03 14:26:11,497 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [547] [2025-03-03 14:26:11,497 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [556] [2025-03-03 14:26:11,498 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [922] [2025-03-03 14:26:11,498 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1324] [2025-03-03 14:26:11,498 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [1359] [2025-03-03 14:26:11,498 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [2428] [2025-03-03 14:26:11,498 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [2445] [2025-03-03 14:26:11,498 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [2842] [2025-03-03 14:26:11,523 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec7_product34.cil.c[10988,11001] [2025-03-03 14:26:11,581 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:26:11,600 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:26:11,601 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11 WrapperNode [2025-03-03 14:26:11,602 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:26:11,602 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:26:11,602 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:26:11,603 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:26:11,608 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,630 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,669 INFO L138 Inliner]: procedures = 134, calls = 218, calls flagged for inlining = 62, calls inlined = 59, statements flattened = 1089 [2025-03-03 14:26:11,670 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:26:11,670 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:26:11,670 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:26:11,670 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:26:11,676 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,676 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,683 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,711 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:26:11,711 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,711 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,729 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,733 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,741 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,747 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,755 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:26:11,759 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:26:11,759 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:26:11,759 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:26:11,760 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (1/1) ... [2025-03-03 14:26:11,764 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:26:11,775 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:11,787 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:26:11,791 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:26:11,810 INFO L130 BoogieDeclarations]: Found specification of procedure getClientPrivateKey [2025-03-03 14:26:11,810 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientPrivateKey [2025-03-03 14:26:11,810 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:26:11,810 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:26:11,811 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:26:11,811 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:26:11,811 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:26:11,811 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:26:11,811 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:26:11,812 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:26:11,812 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:26:11,812 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:26:11,812 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:26:11,812 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:26:11,812 INFO L130 BoogieDeclarations]: Found specification of procedure isReadable [2025-03-03 14:26:11,812 INFO L138 BoogieDeclarations]: Found implementation of procedure isReadable [2025-03-03 14:26:11,813 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:26:11,813 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:26:11,813 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:26:11,813 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:26:11,813 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailSignKey [2025-03-03 14:26:11,813 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailSignKey [2025-03-03 14:26:11,813 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:26:11,813 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:26:11,813 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailFrom [2025-03-03 14:26:11,813 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailFrom [2025-03-03 14:26:11,813 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure isSigned [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure isSigned [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure isKeyPairValid [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure isKeyPairValid [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure findPublicKey [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure findPublicKey [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:26:11,814 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:26:11,814 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:26:11,989 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:26:11,992 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:26:12,103 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1231: #res := ~retValue_acc~16; [2025-03-03 14:26:12,115 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2738: #res := ~retValue_acc~43; [2025-03-03 14:26:12,157 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2017-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~31#1; [2025-03-03 14:26:12,157 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2062: #res#1 := ~retValue_acc~32#1; [2025-03-03 14:26:12,352 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2358-1: getClientForwardReceiver_#res#1 := getClientForwardReceiver_~retValue_acc~36#1; [2025-03-03 14:26:12,353 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1305-1: isVerified_#res#1 := isVerified_~retValue_acc~18#1; [2025-03-03 14:26:12,353 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L968-1: getEmailId_#res#1 := getEmailId_~retValue_acc~9#1; [2025-03-03 14:26:12,353 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2405-1: getClientId_#res#1 := getClientId_~retValue_acc~37#1; [2025-03-03 14:26:12,375 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2286: #res := ~retValue_acc~35; [2025-03-03 14:26:12,383 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1970: #res := ~retValue_acc~30; [2025-03-03 14:26:12,393 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L525-1: createEmail_#res#1 := createEmail_~retValue_acc~4#1; [2025-03-03 14:26:12,401 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1514: #res := ~retValue_acc~24; [2025-03-03 14:26:12,413 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1157: #res := ~retValue_acc~14; [2025-03-03 14:26:12,452 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1194: #res := ~retValue_acc~15; [2025-03-03 14:26:12,458 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1268: #res := ~retValue_acc~17; [2025-03-03 14:26:12,481 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1042: #res := ~retValue_acc~11; [2025-03-03 14:26:12,539 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1840: #res := ~retValue_acc~28; [2025-03-03 14:26:12,732 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2232-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~34#1; [2025-03-03 14:26:12,732 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2695-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~40#1; [2025-03-03 14:26:12,732 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2713-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~42#1; [2025-03-03 14:26:12,732 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2125-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~33#1; [2025-03-03 14:26:12,732 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L2704-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~41#1; [2025-03-03 14:26:12,732 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1356-1: valid_product_#res#1 := valid_product_~retValue_acc~20#1; [2025-03-03 14:26:12,737 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1005: #res := ~retValue_acc~10; [2025-03-03 14:26:12,746 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L481-1: isReadable__wrappee__Keys_#res#1 := isReadable__wrappee__Keys_~retValue_acc~1#1; [2025-03-03 14:26:12,746 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L501: #res#1 := ~retValue_acc~2#1; [2025-03-03 14:26:12,897 INFO L? ?]: Removed 580 outVars from TransFormulas that were not future-live. [2025-03-03 14:26:12,897 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:26:12,915 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:26:12,916 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:26:12,916 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:26:12 BoogieIcfgContainer [2025-03-03 14:26:12,916 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:26:12,918 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:26:12,918 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:26:12,921 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:26:12,922 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:26:11" (1/3) ... [2025-03-03 14:26:12,922 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@11f1841c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:26:12, skipping insertion in model container [2025-03-03 14:26:12,922 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:26:11" (2/3) ... [2025-03-03 14:26:12,922 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@11f1841c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:26:12, skipping insertion in model container [2025-03-03 14:26:12,922 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:26:12" (3/3) ... [2025-03-03 14:26:12,924 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec7_product34.cil.c [2025-03-03 14:26:12,937 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:26:12,941 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec7_product34.cil.c that has 29 procedures, 443 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:26:12,994 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:26:13,002 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@2a295aca, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:26:13,002 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:26:13,007 INFO L276 IsEmpty]: Start isEmpty. Operand has 443 states, 343 states have (on average 1.5364431486880465) internal successors, (527), 348 states have internal predecessors, (527), 70 states have call successors, (70), 28 states have call predecessors, (70), 28 states have return successors, (70), 69 states have call predecessors, (70), 70 states have call successors, (70) [2025-03-03 14:26:13,019 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 130 [2025-03-03 14:26:13,020 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:13,020 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:13,021 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:13,024 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:13,025 INFO L85 PathProgramCache]: Analyzing trace with hash -364269687, now seen corresponding path program 1 times [2025-03-03 14:26:13,030 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:13,031 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [276211438] [2025-03-03 14:26:13,033 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:13,034 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:13,143 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-03-03 14:26:13,219 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-03-03 14:26:13,219 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:13,219 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:13,647 INFO L134 CoverageAnalysis]: Checked inductivity of 36 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:26:13,648 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:13,648 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [276211438] [2025-03-03 14:26:13,649 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [276211438] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:13,649 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [196814110] [2025-03-03 14:26:13,650 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:13,650 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:13,650 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:13,652 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:13,655 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:26:13,822 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 129 statements into 1 equivalence classes. [2025-03-03 14:26:13,974 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 129 of 129 statements. [2025-03-03 14:26:13,974 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:13,974 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:13,981 INFO L256 TraceCheckSpWp]: Trace formula consists of 1167 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:26:13,989 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:14,014 INFO L134 CoverageAnalysis]: Checked inductivity of 36 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2025-03-03 14:26:14,015 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:14,015 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [196814110] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:14,015 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:14,015 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:26:14,019 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [359008425] [2025-03-03 14:26:14,019 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:14,022 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:26:14,023 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:14,040 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:26:14,041 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:14,044 INFO L87 Difference]: Start difference. First operand has 443 states, 343 states have (on average 1.5364431486880465) internal successors, (527), 348 states have internal predecessors, (527), 70 states have call successors, (70), 28 states have call predecessors, (70), 28 states have return successors, (70), 69 states have call predecessors, (70), 70 states have call successors, (70) Second operand has 2 states, 2 states have (on average 35.5) internal successors, (71), 2 states have internal predecessors, (71), 2 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:14,103 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:14,104 INFO L93 Difference]: Finished difference Result 694 states and 1026 transitions. [2025-03-03 14:26:14,105 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:26:14,107 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 35.5) internal successors, (71), 2 states have internal predecessors, (71), 2 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) Word has length 129 [2025-03-03 14:26:14,108 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:14,120 INFO L225 Difference]: With dead ends: 694 [2025-03-03 14:26:14,120 INFO L226 Difference]: Without dead ends: 436 [2025-03-03 14:26:14,125 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 133 GetRequests, 130 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:14,128 INFO L435 NwaCegarLoop]: 664 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 664 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:14,130 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 664 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:14,142 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 436 states. [2025-03-03 14:26:14,176 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 436 to 436. [2025-03-03 14:26:14,180 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 436 states, 337 states have (on average 1.5341246290801187) internal successors, (517), 341 states have internal predecessors, (517), 70 states have call successors, (70), 28 states have call predecessors, (70), 28 states have return successors, (69), 68 states have call predecessors, (69), 69 states have call successors, (69) [2025-03-03 14:26:14,186 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 436 states to 436 states and 656 transitions. [2025-03-03 14:26:14,188 INFO L78 Accepts]: Start accepts. Automaton has 436 states and 656 transitions. Word has length 129 [2025-03-03 14:26:14,189 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:14,189 INFO L471 AbstractCegarLoop]: Abstraction has 436 states and 656 transitions. [2025-03-03 14:26:14,189 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 35.5) internal successors, (71), 2 states have internal predecessors, (71), 2 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:14,189 INFO L276 IsEmpty]: Start isEmpty. Operand 436 states and 656 transitions. [2025-03-03 14:26:14,194 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 150 [2025-03-03 14:26:14,194 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:14,195 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:14,203 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2025-03-03 14:26:14,395 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:26:14,395 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:14,396 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:14,396 INFO L85 PathProgramCache]: Analyzing trace with hash 891773171, now seen corresponding path program 1 times [2025-03-03 14:26:14,396 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:14,396 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1946807020] [2025-03-03 14:26:14,396 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:14,396 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:14,434 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 149 statements into 1 equivalence classes. [2025-03-03 14:26:14,445 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 149 of 149 statements. [2025-03-03 14:26:14,445 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:14,445 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:14,671 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2025-03-03 14:26:14,672 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:14,672 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1946807020] [2025-03-03 14:26:14,672 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1946807020] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:14,672 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1141884331] [2025-03-03 14:26:14,672 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:14,672 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:14,672 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:14,674 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:14,675 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:26:14,855 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 149 statements into 1 equivalence classes. [2025-03-03 14:26:14,973 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 149 of 149 statements. [2025-03-03 14:26:14,974 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:14,974 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:14,978 INFO L256 TraceCheckSpWp]: Trace formula consists of 1246 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:26:14,982 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:15,005 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2025-03-03 14:26:15,005 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:15,005 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1141884331] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:15,005 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:15,005 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:26:15,006 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [190594516] [2025-03-03 14:26:15,006 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:15,006 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:15,007 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:15,007 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:15,007 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:15,008 INFO L87 Difference]: Start difference. First operand 436 states and 656 transitions. Second operand has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:15,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:15,055 INFO L93 Difference]: Finished difference Result 683 states and 1004 transitions. [2025-03-03 14:26:15,055 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:15,055 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 149 [2025-03-03 14:26:15,056 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:15,059 INFO L225 Difference]: With dead ends: 683 [2025-03-03 14:26:15,061 INFO L226 Difference]: Without dead ends: 438 [2025-03-03 14:26:15,063 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 153 GetRequests, 149 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:15,064 INFO L435 NwaCegarLoop]: 655 mSDtfsCounter, 0 mSDsluCounter, 653 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1308 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:15,064 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1308 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:15,065 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 438 states. [2025-03-03 14:26:15,089 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 438 to 438. [2025-03-03 14:26:15,091 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 438 states, 339 states have (on average 1.5309734513274336) internal successors, (519), 343 states have internal predecessors, (519), 70 states have call successors, (70), 28 states have call predecessors, (70), 28 states have return successors, (69), 68 states have call predecessors, (69), 69 states have call successors, (69) [2025-03-03 14:26:15,094 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 438 states to 438 states and 658 transitions. [2025-03-03 14:26:15,095 INFO L78 Accepts]: Start accepts. Automaton has 438 states and 658 transitions. Word has length 149 [2025-03-03 14:26:15,095 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:15,095 INFO L471 AbstractCegarLoop]: Abstraction has 438 states and 658 transitions. [2025-03-03 14:26:15,095 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:15,096 INFO L276 IsEmpty]: Start isEmpty. Operand 438 states and 658 transitions. [2025-03-03 14:26:15,098 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 136 [2025-03-03 14:26:15,098 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:15,099 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:15,106 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-03-03 14:26:15,299 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:26:15,299 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:15,300 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:15,300 INFO L85 PathProgramCache]: Analyzing trace with hash -1210505100, now seen corresponding path program 1 times [2025-03-03 14:26:15,300 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:15,300 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1108464027] [2025-03-03 14:26:15,300 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:15,300 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:15,325 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 135 statements into 1 equivalence classes. [2025-03-03 14:26:15,334 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 135 of 135 statements. [2025-03-03 14:26:15,334 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:15,334 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:15,498 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-03 14:26:15,499 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:15,499 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1108464027] [2025-03-03 14:26:15,500 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1108464027] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:15,500 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [588572731] [2025-03-03 14:26:15,500 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:15,500 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:15,500 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:15,502 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:15,504 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:26:15,649 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 135 statements into 1 equivalence classes. [2025-03-03 14:26:15,759 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 135 of 135 statements. [2025-03-03 14:26:15,759 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:15,759 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:15,766 INFO L256 TraceCheckSpWp]: Trace formula consists of 1180 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:26:15,773 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:15,790 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2025-03-03 14:26:15,790 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:15,790 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [588572731] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:15,790 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:15,790 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:26:15,791 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1623349939] [2025-03-03 14:26:15,791 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:15,791 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:15,791 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:15,791 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:15,794 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:15,794 INFO L87 Difference]: Start difference. First operand 438 states and 658 transitions. Second operand has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:15,837 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:15,837 INFO L93 Difference]: Finished difference Result 923 states and 1407 transitions. [2025-03-03 14:26:15,837 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:15,838 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) Word has length 135 [2025-03-03 14:26:15,839 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:15,842 INFO L225 Difference]: With dead ends: 923 [2025-03-03 14:26:15,843 INFO L226 Difference]: Without dead ends: 512 [2025-03-03 14:26:15,845 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 135 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:26:15,846 INFO L435 NwaCegarLoop]: 665 mSDtfsCounter, 134 mSDsluCounter, 610 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 152 SdHoareTripleChecker+Valid, 1275 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:15,846 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [152 Valid, 1275 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:15,847 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 512 states. [2025-03-03 14:26:15,865 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 512 to 504. [2025-03-03 14:26:15,867 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 504 states, 391 states have (on average 1.5524296675191815) internal successors, (607), 395 states have internal predecessors, (607), 84 states have call successors, (84), 28 states have call predecessors, (84), 28 states have return successors, (83), 82 states have call predecessors, (83), 83 states have call successors, (83) [2025-03-03 14:26:15,872 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 504 states to 504 states and 774 transitions. [2025-03-03 14:26:15,873 INFO L78 Accepts]: Start accepts. Automaton has 504 states and 774 transitions. Word has length 135 [2025-03-03 14:26:15,874 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:15,874 INFO L471 AbstractCegarLoop]: Abstraction has 504 states and 774 transitions. [2025-03-03 14:26:15,874 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:15,874 INFO L276 IsEmpty]: Start isEmpty. Operand 504 states and 774 transitions. [2025-03-03 14:26:15,877 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 156 [2025-03-03 14:26:15,878 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:15,879 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:15,887 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:16,079 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:16,079 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:16,080 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:16,080 INFO L85 PathProgramCache]: Analyzing trace with hash 223628014, now seen corresponding path program 1 times [2025-03-03 14:26:16,080 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:16,080 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1728574265] [2025-03-03 14:26:16,080 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:16,080 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:16,102 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 155 statements into 1 equivalence classes. [2025-03-03 14:26:16,108 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 155 of 155 statements. [2025-03-03 14:26:16,108 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:16,108 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:16,244 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 44 trivial. 0 not checked. [2025-03-03 14:26:16,245 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:16,245 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1728574265] [2025-03-03 14:26:16,245 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1728574265] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:16,245 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [794860979] [2025-03-03 14:26:16,245 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:16,245 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:16,245 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:16,247 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:16,249 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:26:16,424 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 155 statements into 1 equivalence classes. [2025-03-03 14:26:16,536 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 155 of 155 statements. [2025-03-03 14:26:16,536 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:16,536 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:16,543 INFO L256 TraceCheckSpWp]: Trace formula consists of 1263 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:26:16,547 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:16,589 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2025-03-03 14:26:16,589 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:16,589 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [794860979] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:16,589 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:16,590 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:26:16,590 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [423977992] [2025-03-03 14:26:16,590 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:16,591 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:16,591 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:16,591 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:16,591 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:16,591 INFO L87 Difference]: Start difference. First operand 504 states and 774 transitions. Second operand has 5 states, 4 states have (on average 23.25) internal successors, (93), 5 states have internal predecessors, (93), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:26:16,656 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:16,656 INFO L93 Difference]: Finished difference Result 999 states and 1538 transitions. [2025-03-03 14:26:16,657 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:16,657 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 23.25) internal successors, (93), 5 states have internal predecessors, (93), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) Word has length 155 [2025-03-03 14:26:16,657 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:16,660 INFO L225 Difference]: With dead ends: 999 [2025-03-03 14:26:16,660 INFO L226 Difference]: Without dead ends: 506 [2025-03-03 14:26:16,662 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 159 GetRequests, 153 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:16,662 INFO L435 NwaCegarLoop]: 648 mSDtfsCounter, 2 mSDsluCounter, 1933 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2581 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:16,662 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2581 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:16,663 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 506 states. [2025-03-03 14:26:16,677 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 506 to 506. [2025-03-03 14:26:16,678 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 506 states, 392 states have (on average 1.5510204081632653) internal successors, (608), 397 states have internal predecessors, (608), 84 states have call successors, (84), 28 states have call predecessors, (84), 29 states have return successors, (85), 82 states have call predecessors, (85), 83 states have call successors, (85) [2025-03-03 14:26:16,681 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 506 states to 506 states and 777 transitions. [2025-03-03 14:26:16,681 INFO L78 Accepts]: Start accepts. Automaton has 506 states and 777 transitions. Word has length 155 [2025-03-03 14:26:16,682 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:16,682 INFO L471 AbstractCegarLoop]: Abstraction has 506 states and 777 transitions. [2025-03-03 14:26:16,682 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 23.25) internal successors, (93), 5 states have internal predecessors, (93), 3 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:26:16,682 INFO L276 IsEmpty]: Start isEmpty. Operand 506 states and 777 transitions. [2025-03-03 14:26:16,684 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 138 [2025-03-03 14:26:16,684 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:16,684 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:16,693 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:16,888 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:16,888 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:16,888 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:16,889 INFO L85 PathProgramCache]: Analyzing trace with hash 618115982, now seen corresponding path program 1 times [2025-03-03 14:26:16,889 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:16,889 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [297703662] [2025-03-03 14:26:16,889 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:16,889 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:16,905 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 137 statements into 1 equivalence classes. [2025-03-03 14:26:16,914 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 137 of 137 statements. [2025-03-03 14:26:16,914 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:16,914 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:17,033 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2025-03-03 14:26:17,033 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:17,033 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [297703662] [2025-03-03 14:26:17,033 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [297703662] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:17,033 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1854758384] [2025-03-03 14:26:17,033 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:17,033 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:17,034 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:17,035 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:17,037 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:26:17,175 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 137 statements into 1 equivalence classes. [2025-03-03 14:26:17,278 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 137 of 137 statements. [2025-03-03 14:26:17,278 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:17,278 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:17,286 INFO L256 TraceCheckSpWp]: Trace formula consists of 1186 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:26:17,289 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:17,334 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2025-03-03 14:26:17,334 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:17,334 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1854758384] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:17,334 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:17,334 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:26:17,334 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1848073773] [2025-03-03 14:26:17,335 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:17,335 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:17,335 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:17,335 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:17,335 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:26:17,336 INFO L87 Difference]: Start difference. First operand 506 states and 777 transitions. Second operand has 5 states, 5 states have (on average 17.6) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:17,397 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:17,398 INFO L93 Difference]: Finished difference Result 1001 states and 1543 transitions. [2025-03-03 14:26:17,398 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:17,398 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 17.6) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) Word has length 137 [2025-03-03 14:26:17,398 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:17,403 INFO L225 Difference]: With dead ends: 1001 [2025-03-03 14:26:17,403 INFO L226 Difference]: Without dead ends: 508 [2025-03-03 14:26:17,406 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 144 GetRequests, 135 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:26:17,406 INFO L435 NwaCegarLoop]: 646 mSDtfsCounter, 2 mSDsluCounter, 1921 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2567 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:17,406 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2567 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:17,407 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 508 states. [2025-03-03 14:26:17,433 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 508 to 508. [2025-03-03 14:26:17,434 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 508 states, 393 states have (on average 1.549618320610687) internal successors, (609), 399 states have internal predecessors, (609), 84 states have call successors, (84), 28 states have call predecessors, (84), 30 states have return successors, (90), 82 states have call predecessors, (90), 83 states have call successors, (90) [2025-03-03 14:26:17,438 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 508 states to 508 states and 783 transitions. [2025-03-03 14:26:17,439 INFO L78 Accepts]: Start accepts. Automaton has 508 states and 783 transitions. Word has length 137 [2025-03-03 14:26:17,440 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:17,440 INFO L471 AbstractCegarLoop]: Abstraction has 508 states and 783 transitions. [2025-03-03 14:26:17,440 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 17.6) internal successors, (88), 5 states have internal predecessors, (88), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 3 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:17,440 INFO L276 IsEmpty]: Start isEmpty. Operand 508 states and 783 transitions. [2025-03-03 14:26:17,442 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 139 [2025-03-03 14:26:17,442 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:17,442 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:17,451 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:17,646 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:17,646 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:17,646 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:17,646 INFO L85 PathProgramCache]: Analyzing trace with hash -1796258920, now seen corresponding path program 1 times [2025-03-03 14:26:17,646 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:17,646 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [573380128] [2025-03-03 14:26:17,647 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:17,647 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:17,669 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 138 statements into 1 equivalence classes. [2025-03-03 14:26:17,676 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 138 of 138 statements. [2025-03-03 14:26:17,676 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:17,676 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:17,776 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2025-03-03 14:26:17,776 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:17,776 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [573380128] [2025-03-03 14:26:17,776 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [573380128] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:17,776 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:17,777 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:26:17,777 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [832249511] [2025-03-03 14:26:17,777 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:17,778 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:17,778 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:17,778 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:17,778 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:17,778 INFO L87 Difference]: Start difference. First operand 508 states and 783 transitions. Second operand has 5 states, 4 states have (on average 21.0) internal successors, (84), 5 states have internal predecessors, (84), 3 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:17,839 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:17,840 INFO L93 Difference]: Finished difference Result 993 states and 1534 transitions. [2025-03-03 14:26:17,840 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:17,840 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 21.0) internal successors, (84), 5 states have internal predecessors, (84), 3 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 3 states have call successors, (17) Word has length 138 [2025-03-03 14:26:17,841 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:17,844 INFO L225 Difference]: With dead ends: 993 [2025-03-03 14:26:17,845 INFO L226 Difference]: Without dead ends: 508 [2025-03-03 14:26:17,846 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:17,848 INFO L435 NwaCegarLoop]: 649 mSDtfsCounter, 2 mSDsluCounter, 1936 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2585 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:17,848 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2585 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:17,850 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 508 states. [2025-03-03 14:26:17,865 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 508 to 508. [2025-03-03 14:26:17,866 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 508 states, 393 states have (on average 1.549618320610687) internal successors, (609), 399 states have internal predecessors, (609), 84 states have call successors, (84), 28 states have call predecessors, (84), 30 states have return successors, (89), 82 states have call predecessors, (89), 83 states have call successors, (89) [2025-03-03 14:26:17,869 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 508 states to 508 states and 782 transitions. [2025-03-03 14:26:17,869 INFO L78 Accepts]: Start accepts. Automaton has 508 states and 782 transitions. Word has length 138 [2025-03-03 14:26:17,870 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:17,870 INFO L471 AbstractCegarLoop]: Abstraction has 508 states and 782 transitions. [2025-03-03 14:26:17,870 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 21.0) internal successors, (84), 5 states have internal predecessors, (84), 3 states have call successors, (20), 2 states have call predecessors, (20), 2 states have return successors, (17), 2 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:17,870 INFO L276 IsEmpty]: Start isEmpty. Operand 508 states and 782 transitions. [2025-03-03 14:26:17,872 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 140 [2025-03-03 14:26:17,872 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:17,872 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:17,872 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:26:17,872 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:17,872 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:17,873 INFO L85 PathProgramCache]: Analyzing trace with hash -93258503, now seen corresponding path program 2 times [2025-03-03 14:26:17,873 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:17,873 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1201018707] [2025-03-03 14:26:17,873 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:26:17,873 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:17,891 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 139 statements into 2 equivalence classes. [2025-03-03 14:26:17,898 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) and asserted 59 of 139 statements. [2025-03-03 14:26:17,898 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2025-03-03 14:26:17,898 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:18,041 INFO L134 CoverageAnalysis]: Checked inductivity of 39 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2025-03-03 14:26:18,042 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:18,042 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1201018707] [2025-03-03 14:26:18,042 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1201018707] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:18,042 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:18,042 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:26:18,042 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [445362373] [2025-03-03 14:26:18,043 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:18,044 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:26:18,044 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:18,044 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:26:18,044 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:18,045 INFO L87 Difference]: Start difference. First operand 508 states and 782 transitions. Second operand has 8 states, 8 states have (on average 10.75) internal successors, (86), 7 states have internal predecessors, (86), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 4 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:18,462 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:18,462 INFO L93 Difference]: Finished difference Result 1390 states and 2111 transitions. [2025-03-03 14:26:18,462 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2025-03-03 14:26:18,463 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 7 states have internal predecessors, (86), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 4 states have call predecessors, (17), 3 states have call successors, (17) Word has length 139 [2025-03-03 14:26:18,463 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:18,469 INFO L225 Difference]: With dead ends: 1390 [2025-03-03 14:26:18,469 INFO L226 Difference]: Without dead ends: 1151 [2025-03-03 14:26:18,471 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=39, Invalid=117, Unknown=0, NotChecked=0, Total=156 [2025-03-03 14:26:18,471 INFO L435 NwaCegarLoop]: 705 mSDtfsCounter, 793 mSDsluCounter, 4008 mSDsCounter, 0 mSdLazyCounter, 366 mSolverCounterSat, 35 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 815 SdHoareTripleChecker+Valid, 4713 SdHoareTripleChecker+Invalid, 401 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 35 IncrementalHoareTripleChecker+Valid, 366 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:18,471 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [815 Valid, 4713 Invalid, 401 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [35 Valid, 366 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2025-03-03 14:26:18,472 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1151 states. [2025-03-03 14:26:18,510 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1151 to 1011. [2025-03-03 14:26:18,512 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1011 states, 784 states have (on average 1.5535714285714286) internal successors, (1218), 793 states have internal predecessors, (1218), 166 states have call successors, (166), 57 states have call predecessors, (166), 60 states have return successors, (180), 164 states have call predecessors, (180), 164 states have call successors, (180) [2025-03-03 14:26:18,517 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1011 states to 1011 states and 1564 transitions. [2025-03-03 14:26:18,518 INFO L78 Accepts]: Start accepts. Automaton has 1011 states and 1564 transitions. Word has length 139 [2025-03-03 14:26:18,519 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:18,519 INFO L471 AbstractCegarLoop]: Abstraction has 1011 states and 1564 transitions. [2025-03-03 14:26:18,519 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 7 states have internal predecessors, (86), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 4 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:18,519 INFO L276 IsEmpty]: Start isEmpty. Operand 1011 states and 1564 transitions. [2025-03-03 14:26:18,522 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 160 [2025-03-03 14:26:18,522 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:18,522 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:18,522 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:26:18,523 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:18,523 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:18,523 INFO L85 PathProgramCache]: Analyzing trace with hash 23915162, now seen corresponding path program 1 times [2025-03-03 14:26:18,523 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:18,523 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [834162130] [2025-03-03 14:26:18,523 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:18,524 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:18,545 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 159 statements into 1 equivalence classes. [2025-03-03 14:26:18,556 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 159 of 159 statements. [2025-03-03 14:26:18,557 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:18,557 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:18,700 INFO L134 CoverageAnalysis]: Checked inductivity of 51 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 44 trivial. 0 not checked. [2025-03-03 14:26:18,701 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:18,701 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [834162130] [2025-03-03 14:26:18,701 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [834162130] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:18,701 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:18,701 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:26:18,701 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [313867719] [2025-03-03 14:26:18,701 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:18,701 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:18,702 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:18,702 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:18,702 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:18,702 INFO L87 Difference]: Start difference. First operand 1011 states and 1564 transitions. Second operand has 5 states, 4 states have (on average 23.5) internal successors, (94), 5 states have internal predecessors, (94), 3 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:26:18,758 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:18,759 INFO L93 Difference]: Finished difference Result 1991 states and 3088 transitions. [2025-03-03 14:26:18,759 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:18,759 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 23.5) internal successors, (94), 5 states have internal predecessors, (94), 3 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) Word has length 159 [2025-03-03 14:26:18,760 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:18,765 INFO L225 Difference]: With dead ends: 1991 [2025-03-03 14:26:18,765 INFO L226 Difference]: Without dead ends: 1015 [2025-03-03 14:26:18,768 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:26:18,769 INFO L435 NwaCegarLoop]: 650 mSDtfsCounter, 1 mSDsluCounter, 1938 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2588 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:18,769 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2588 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:18,770 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1015 states. [2025-03-03 14:26:18,819 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1015 to 1015. [2025-03-03 14:26:18,821 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1015 states, 786 states have (on average 1.5521628498727735) internal successors, (1220), 797 states have internal predecessors, (1220), 166 states have call successors, (166), 57 states have call predecessors, (166), 62 states have return successors, (183), 164 states have call predecessors, (183), 164 states have call successors, (183) [2025-03-03 14:26:18,827 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1015 states to 1015 states and 1569 transitions. [2025-03-03 14:26:18,828 INFO L78 Accepts]: Start accepts. Automaton has 1015 states and 1569 transitions. Word has length 159 [2025-03-03 14:26:18,829 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:18,829 INFO L471 AbstractCegarLoop]: Abstraction has 1015 states and 1569 transitions. [2025-03-03 14:26:18,829 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 23.5) internal successors, (94), 5 states have internal predecessors, (94), 3 states have call successors, (23), 2 states have call predecessors, (23), 2 states have return successors, (20), 2 states have call predecessors, (20), 3 states have call successors, (20) [2025-03-03 14:26:18,829 INFO L276 IsEmpty]: Start isEmpty. Operand 1015 states and 1569 transitions. [2025-03-03 14:26:18,832 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 142 [2025-03-03 14:26:18,832 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:18,833 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:18,833 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:26:18,833 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:18,833 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:18,833 INFO L85 PathProgramCache]: Analyzing trace with hash 1453326565, now seen corresponding path program 1 times [2025-03-03 14:26:18,833 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:18,833 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1122469979] [2025-03-03 14:26:18,833 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:18,833 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:18,849 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 141 statements into 1 equivalence classes. [2025-03-03 14:26:18,854 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 141 of 141 statements. [2025-03-03 14:26:18,854 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:18,854 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:18,957 INFO L134 CoverageAnalysis]: Checked inductivity of 39 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2025-03-03 14:26:18,958 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:18,958 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1122469979] [2025-03-03 14:26:18,958 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1122469979] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:18,958 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:18,958 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:26:18,958 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [61149498] [2025-03-03 14:26:18,958 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:18,958 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:26:18,958 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:18,959 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:26:18,959 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:18,959 INFO L87 Difference]: Start difference. First operand 1015 states and 1569 transitions. Second operand has 8 states, 7 states have (on average 13.0) internal successors, (91), 8 states have internal predecessors, (91), 4 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 3 states have call predecessors, (17), 4 states have call successors, (17) [2025-03-03 14:26:19,081 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:19,082 INFO L93 Difference]: Finished difference Result 1989 states and 3080 transitions. [2025-03-03 14:26:19,082 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-03 14:26:19,082 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 13.0) internal successors, (91), 8 states have internal predecessors, (91), 4 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 3 states have call predecessors, (17), 4 states have call successors, (17) Word has length 141 [2025-03-03 14:26:19,082 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:19,089 INFO L225 Difference]: With dead ends: 1989 [2025-03-03 14:26:19,089 INFO L226 Difference]: Without dead ends: 1019 [2025-03-03 14:26:19,093 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2025-03-03 14:26:19,094 INFO L435 NwaCegarLoop]: 640 mSDtfsCounter, 7 mSDsluCounter, 3811 mSDsCounter, 0 mSdLazyCounter, 145 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 8 SdHoareTripleChecker+Valid, 4451 SdHoareTripleChecker+Invalid, 149 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 145 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:19,094 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [8 Valid, 4451 Invalid, 149 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 145 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:26:19,096 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1019 states. [2025-03-03 14:26:19,128 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1019 to 1017. [2025-03-03 14:26:19,129 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1017 states, 788 states have (on average 1.5507614213197969) internal successors, (1222), 798 states have internal predecessors, (1222), 166 states have call successors, (166), 58 states have call predecessors, (166), 62 states have return successors, (181), 164 states have call predecessors, (181), 164 states have call successors, (181) [2025-03-03 14:26:19,134 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1017 states to 1017 states and 1569 transitions. [2025-03-03 14:26:19,136 INFO L78 Accepts]: Start accepts. Automaton has 1017 states and 1569 transitions. Word has length 141 [2025-03-03 14:26:19,136 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:19,136 INFO L471 AbstractCegarLoop]: Abstraction has 1017 states and 1569 transitions. [2025-03-03 14:26:19,136 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 13.0) internal successors, (91), 8 states have internal predecessors, (91), 4 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 3 states have call predecessors, (17), 4 states have call successors, (17) [2025-03-03 14:26:19,136 INFO L276 IsEmpty]: Start isEmpty. Operand 1017 states and 1569 transitions. [2025-03-03 14:26:19,140 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 143 [2025-03-03 14:26:19,140 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:19,140 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:19,140 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:26:19,141 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:19,141 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:19,142 INFO L85 PathProgramCache]: Analyzing trace with hash -1801218571, now seen corresponding path program 2 times [2025-03-03 14:26:19,142 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:19,142 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [346049436] [2025-03-03 14:26:19,142 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:26:19,142 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:19,163 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 142 statements into 2 equivalence classes. [2025-03-03 14:26:19,171 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) and asserted 62 of 142 statements. [2025-03-03 14:26:19,171 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 1 check-sat command(s) [2025-03-03 14:26:19,171 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:19,264 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 9 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2025-03-03 14:26:19,264 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:19,264 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [346049436] [2025-03-03 14:26:19,264 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [346049436] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:19,265 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:19,265 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:26:19,266 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1846636003] [2025-03-03 14:26:19,266 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:19,266 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:26:19,266 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:19,267 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:26:19,267 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:19,267 INFO L87 Difference]: Start difference. First operand 1017 states and 1569 transitions. Second operand has 8 states, 8 states have (on average 11.25) internal successors, (90), 7 states have internal predecessors, (90), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 4 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:19,826 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:19,827 INFO L93 Difference]: Finished difference Result 2653 states and 4058 transitions. [2025-03-03 14:26:19,827 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2025-03-03 14:26:19,827 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 11.25) internal successors, (90), 7 states have internal predecessors, (90), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 4 states have call predecessors, (17), 3 states have call successors, (17) Word has length 142 [2025-03-03 14:26:19,828 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:19,872 INFO L225 Difference]: With dead ends: 2653 [2025-03-03 14:26:19,872 INFO L226 Difference]: Without dead ends: 2177 [2025-03-03 14:26:19,874 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=40, Invalid=142, Unknown=0, NotChecked=0, Total=182 [2025-03-03 14:26:19,875 INFO L435 NwaCegarLoop]: 752 mSDtfsCounter, 671 mSDsluCounter, 4009 mSDsCounter, 0 mSdLazyCounter, 552 mSolverCounterSat, 22 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 671 SdHoareTripleChecker+Valid, 4761 SdHoareTripleChecker+Invalid, 574 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 22 IncrementalHoareTripleChecker+Valid, 552 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:19,876 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [671 Valid, 4761 Invalid, 574 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [22 Valid, 552 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2025-03-03 14:26:19,878 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2177 states. [2025-03-03 14:26:19,953 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2177 to 2005. [2025-03-03 14:26:19,955 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2005 states, 1557 states have (on average 1.5561978163134234) internal successors, (2423), 1578 states have internal predecessors, (2423), 322 states have call successors, (322), 114 states have call predecessors, (322), 125 states have return successors, (374), 320 states have call predecessors, (374), 318 states have call successors, (374) [2025-03-03 14:26:19,970 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2005 states to 2005 states and 3119 transitions. [2025-03-03 14:26:19,972 INFO L78 Accepts]: Start accepts. Automaton has 2005 states and 3119 transitions. Word has length 142 [2025-03-03 14:26:19,972 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:19,972 INFO L471 AbstractCegarLoop]: Abstraction has 2005 states and 3119 transitions. [2025-03-03 14:26:19,972 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 11.25) internal successors, (90), 7 states have internal predecessors, (90), 3 states have call successors, (20), 2 states have call predecessors, (20), 3 states have return successors, (17), 4 states have call predecessors, (17), 3 states have call successors, (17) [2025-03-03 14:26:19,972 INFO L276 IsEmpty]: Start isEmpty. Operand 2005 states and 3119 transitions. [2025-03-03 14:26:19,978 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 162 [2025-03-03 14:26:19,979 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:19,979 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:19,979 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2025-03-03 14:26:19,979 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:19,979 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:19,980 INFO L85 PathProgramCache]: Analyzing trace with hash 614702152, now seen corresponding path program 1 times [2025-03-03 14:26:19,980 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:19,980 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [785606714] [2025-03-03 14:26:19,980 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:19,980 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:20,006 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 161 statements into 1 equivalence classes. [2025-03-03 14:26:20,012 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 161 of 161 statements. [2025-03-03 14:26:20,012 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:20,012 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:20,099 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 0 proven. 8 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2025-03-03 14:26:20,100 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:20,100 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [785606714] [2025-03-03 14:26:20,100 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [785606714] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:20,100 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [765096863] [2025-03-03 14:26:20,100 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:20,100 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:20,100 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:20,102 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:20,104 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:26:20,264 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 161 statements into 1 equivalence classes. [2025-03-03 14:26:20,369 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 161 of 161 statements. [2025-03-03 14:26:20,370 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:20,370 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:20,374 INFO L256 TraceCheckSpWp]: Trace formula consists of 1269 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:26:20,378 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:20,418 INFO L134 CoverageAnalysis]: Checked inductivity of 54 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2025-03-03 14:26:20,419 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:26:20,419 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [765096863] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:20,419 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:26:20,419 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:26:20,419 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [807441027] [2025-03-03 14:26:20,419 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:20,419 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:26:20,419 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:20,420 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:26:20,420 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:20,420 INFO L87 Difference]: Start difference. First operand 2005 states and 3119 transitions. Second operand has 5 states, 5 states have (on average 19.0) internal successors, (95), 5 states have internal predecessors, (95), 2 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:20,507 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:20,507 INFO L93 Difference]: Finished difference Result 3025 states and 4697 transitions. [2025-03-03 14:26:20,507 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:26:20,508 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 19.0) internal successors, (95), 5 states have internal predecessors, (95), 2 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 161 [2025-03-03 14:26:20,508 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:20,520 INFO L225 Difference]: With dead ends: 3025 [2025-03-03 14:26:20,520 INFO L226 Difference]: Without dead ends: 2019 [2025-03-03 14:26:20,526 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 165 GetRequests, 159 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:20,526 INFO L435 NwaCegarLoop]: 649 mSDtfsCounter, 1 mSDsluCounter, 1929 mSDsCounter, 0 mSdLazyCounter, 48 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2578 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 48 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:20,526 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2578 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 48 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:20,529 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2019 states. [2025-03-03 14:26:20,593 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2019 to 2007. [2025-03-03 14:26:20,596 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2007 states, 1558 states have (on average 1.5558408215661104) internal successors, (2424), 1580 states have internal predecessors, (2424), 322 states have call successors, (322), 114 states have call predecessors, (322), 126 states have return successors, (376), 320 states have call predecessors, (376), 318 states have call successors, (376) [2025-03-03 14:26:20,608 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2007 states to 2007 states and 3122 transitions. [2025-03-03 14:26:20,610 INFO L78 Accepts]: Start accepts. Automaton has 2007 states and 3122 transitions. Word has length 161 [2025-03-03 14:26:20,610 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:20,610 INFO L471 AbstractCegarLoop]: Abstraction has 2007 states and 3122 transitions. [2025-03-03 14:26:20,611 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 19.0) internal successors, (95), 5 states have internal predecessors, (95), 2 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:20,611 INFO L276 IsEmpty]: Start isEmpty. Operand 2007 states and 3122 transitions. [2025-03-03 14:26:20,618 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 163 [2025-03-03 14:26:20,619 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:20,619 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:20,628 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:20,823 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:20,823 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:20,824 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:20,824 INFO L85 PathProgramCache]: Analyzing trace with hash 263865809, now seen corresponding path program 1 times [2025-03-03 14:26:20,824 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:20,824 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [786346694] [2025-03-03 14:26:20,824 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:20,824 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:20,850 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 162 statements into 1 equivalence classes. [2025-03-03 14:26:20,856 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 162 of 162 statements. [2025-03-03 14:26:20,856 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:20,856 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:21,016 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:21,016 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:21,016 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [786346694] [2025-03-03 14:26:21,016 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [786346694] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:21,016 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:21,017 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2025-03-03 14:26:21,017 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [14791091] [2025-03-03 14:26:21,017 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:21,017 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2025-03-03 14:26:21,017 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:21,018 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2025-03-03 14:26:21,018 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:26:21,018 INFO L87 Difference]: Start difference. First operand 2007 states and 3122 transitions. Second operand has 8 states, 7 states have (on average 14.285714285714286) internal successors, (100), 8 states have internal predecessors, (100), 4 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 4 states have call successors, (20) [2025-03-03 14:26:21,163 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:21,164 INFO L93 Difference]: Finished difference Result 2987 states and 4642 transitions. [2025-03-03 14:26:21,164 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2025-03-03 14:26:21,164 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 14.285714285714286) internal successors, (100), 8 states have internal predecessors, (100), 4 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 4 states have call successors, (20) Word has length 162 [2025-03-03 14:26:21,165 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:21,171 INFO L225 Difference]: With dead ends: 2987 [2025-03-03 14:26:21,171 INFO L226 Difference]: Without dead ends: 1029 [2025-03-03 14:26:21,177 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=69, Unknown=0, NotChecked=0, Total=90 [2025-03-03 14:26:21,178 INFO L435 NwaCegarLoop]: 642 mSDtfsCounter, 5 mSDsluCounter, 3823 mSDsCounter, 0 mSdLazyCounter, 151 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 6 SdHoareTripleChecker+Valid, 4465 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 151 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:21,178 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [6 Valid, 4465 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 151 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:26:21,179 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1029 states. [2025-03-03 14:26:21,214 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1029 to 1027. [2025-03-03 14:26:21,216 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1027 states, 795 states have (on average 1.5459119496855347) internal successors, (1229), 807 states have internal predecessors, (1229), 166 states have call successors, (166), 59 states have call predecessors, (166), 65 states have return successors, (190), 164 states have call predecessors, (190), 164 states have call successors, (190) [2025-03-03 14:26:21,221 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1027 states to 1027 states and 1585 transitions. [2025-03-03 14:26:21,223 INFO L78 Accepts]: Start accepts. Automaton has 1027 states and 1585 transitions. Word has length 162 [2025-03-03 14:26:21,223 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:21,223 INFO L471 AbstractCegarLoop]: Abstraction has 1027 states and 1585 transitions. [2025-03-03 14:26:21,223 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 14.285714285714286) internal successors, (100), 8 states have internal predecessors, (100), 4 states have call successors, (23), 2 states have call predecessors, (23), 3 states have return successors, (20), 3 states have call predecessors, (20), 4 states have call successors, (20) [2025-03-03 14:26:21,223 INFO L276 IsEmpty]: Start isEmpty. Operand 1027 states and 1585 transitions. [2025-03-03 14:26:21,227 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 144 [2025-03-03 14:26:21,227 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:21,227 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:21,227 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-03 14:26:21,228 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:21,228 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:21,228 INFO L85 PathProgramCache]: Analyzing trace with hash -994879000, now seen corresponding path program 1 times [2025-03-03 14:26:21,228 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:21,228 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [46608474] [2025-03-03 14:26:21,228 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:21,229 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:21,251 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 143 statements into 1 equivalence classes. [2025-03-03 14:26:21,258 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 143 of 143 statements. [2025-03-03 14:26:21,258 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:21,258 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:21,327 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:21,328 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:21,328 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [46608474] [2025-03-03 14:26:21,328 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [46608474] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:26:21,328 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1617820020] [2025-03-03 14:26:21,328 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:21,328 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:21,328 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:26:21,330 INFO L229 MonitoredProcess]: Starting monitored process 8 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:26:21,332 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2025-03-03 14:26:21,481 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 143 statements into 1 equivalence classes. [2025-03-03 14:26:21,573 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 143 of 143 statements. [2025-03-03 14:26:21,573 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:21,573 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:21,577 INFO L256 TraceCheckSpWp]: Trace formula consists of 1192 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:26:21,582 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:26:21,604 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:21,605 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:26:21,680 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:21,680 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1617820020] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:26:21,681 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:26:21,681 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-03 14:26:21,681 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [791171500] [2025-03-03 14:26:21,681 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:26:21,681 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-03 14:26:21,681 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:21,682 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-03 14:26:21,682 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:26:21,682 INFO L87 Difference]: Start difference. First operand 1027 states and 1585 transitions. Second operand has 7 states, 7 states have (on average 18.285714285714285) internal successors, (128), 7 states have internal predecessors, (128), 2 states have call successors, (31), 2 states have call predecessors, (31), 2 states have return successors, (28), 2 states have call predecessors, (28), 2 states have call successors, (28) [2025-03-03 14:26:21,831 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:21,832 INFO L93 Difference]: Finished difference Result 2393 states and 3822 transitions. [2025-03-03 14:26:21,832 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:26:21,832 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 18.285714285714285) internal successors, (128), 7 states have internal predecessors, (128), 2 states have call successors, (31), 2 states have call predecessors, (31), 2 states have return successors, (28), 2 states have call predecessors, (28), 2 states have call successors, (28) Word has length 143 [2025-03-03 14:26:21,833 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:21,842 INFO L225 Difference]: With dead ends: 2393 [2025-03-03 14:26:21,843 INFO L226 Difference]: Without dead ends: 1901 [2025-03-03 14:26:21,845 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 288 GetRequests, 283 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:26:21,846 INFO L435 NwaCegarLoop]: 693 mSDtfsCounter, 691 mSDsluCounter, 1592 mSDsCounter, 0 mSdLazyCounter, 72 mSolverCounterSat, 31 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 745 SdHoareTripleChecker+Valid, 2285 SdHoareTripleChecker+Invalid, 103 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 31 IncrementalHoareTripleChecker+Valid, 72 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:21,847 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [745 Valid, 2285 Invalid, 103 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [31 Valid, 72 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:26:21,849 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1901 states. [2025-03-03 14:26:21,902 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1901 to 1853. [2025-03-03 14:26:21,905 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1853 states, 1463 states have (on average 1.6165413533834587) internal successors, (2365), 1475 states have internal predecessors, (2365), 324 states have call successors, (324), 59 states have call predecessors, (324), 65 states have return successors, (373), 322 states have call predecessors, (373), 322 states have call successors, (373) [2025-03-03 14:26:21,912 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1853 states to 1853 states and 3062 transitions. [2025-03-03 14:26:21,914 INFO L78 Accepts]: Start accepts. Automaton has 1853 states and 3062 transitions. Word has length 143 [2025-03-03 14:26:21,914 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:21,914 INFO L471 AbstractCegarLoop]: Abstraction has 1853 states and 3062 transitions. [2025-03-03 14:26:21,915 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 18.285714285714285) internal successors, (128), 7 states have internal predecessors, (128), 2 states have call successors, (31), 2 states have call predecessors, (31), 2 states have return successors, (28), 2 states have call predecessors, (28), 2 states have call successors, (28) [2025-03-03 14:26:21,915 INFO L276 IsEmpty]: Start isEmpty. Operand 1853 states and 3062 transitions. [2025-03-03 14:26:21,922 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 169 [2025-03-03 14:26:21,923 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:21,923 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:21,932 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Forceful destruction successful, exit code 0 [2025-03-03 14:26:22,124 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12,8 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:26:22,124 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:22,125 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:22,125 INFO L85 PathProgramCache]: Analyzing trace with hash 1476193747, now seen corresponding path program 1 times [2025-03-03 14:26:22,125 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:22,125 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [462061148] [2025-03-03 14:26:22,125 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:22,125 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:22,142 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 168 statements into 1 equivalence classes. [2025-03-03 14:26:22,150 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 168 of 168 statements. [2025-03-03 14:26:22,150 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:22,150 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:22,261 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:22,261 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:22,261 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [462061148] [2025-03-03 14:26:22,261 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [462061148] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:22,261 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:22,261 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:22,261 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [677543838] [2025-03-03 14:26:22,261 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:22,262 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:22,262 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:22,263 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:22,263 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:22,263 INFO L87 Difference]: Start difference. First operand 1853 states and 3062 transitions. Second operand has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:22,316 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:22,316 INFO L93 Difference]: Finished difference Result 4415 states and 7407 transitions. [2025-03-03 14:26:22,317 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:22,317 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 168 [2025-03-03 14:26:22,317 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:22,329 INFO L225 Difference]: With dead ends: 4415 [2025-03-03 14:26:22,330 INFO L226 Difference]: Without dead ends: 2689 [2025-03-03 14:26:22,335 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:22,336 INFO L435 NwaCegarLoop]: 662 mSDtfsCounter, 132 mSDsluCounter, 652 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 1314 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:22,336 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 1314 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:22,338 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2689 states. [2025-03-03 14:26:22,452 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2689 to 2673. [2025-03-03 14:26:22,457 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2673 states, 2125 states have (on average 1.6352941176470588) internal successors, (3475), 2137 states have internal predecessors, (3475), 482 states have call successors, (482), 59 states have call predecessors, (482), 65 states have return successors, (556), 480 states have call predecessors, (556), 480 states have call successors, (556) [2025-03-03 14:26:22,469 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2673 states to 2673 states and 4513 transitions. [2025-03-03 14:26:22,473 INFO L78 Accepts]: Start accepts. Automaton has 2673 states and 4513 transitions. Word has length 168 [2025-03-03 14:26:22,474 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:22,474 INFO L471 AbstractCegarLoop]: Abstraction has 2673 states and 4513 transitions. [2025-03-03 14:26:22,474 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:22,474 INFO L276 IsEmpty]: Start isEmpty. Operand 2673 states and 4513 transitions. [2025-03-03 14:26:22,490 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 170 [2025-03-03 14:26:22,490 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:22,490 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:22,490 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:26:22,490 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:22,491 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:22,491 INFO L85 PathProgramCache]: Analyzing trace with hash -1288131571, now seen corresponding path program 1 times [2025-03-03 14:26:22,491 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:22,491 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [636143449] [2025-03-03 14:26:22,491 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:22,491 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:22,510 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 169 statements into 1 equivalence classes. [2025-03-03 14:26:22,525 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 169 of 169 statements. [2025-03-03 14:26:22,526 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:22,526 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:22,559 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:22,559 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:22,560 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [636143449] [2025-03-03 14:26:22,560 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [636143449] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:22,560 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:22,560 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:22,560 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1123764333] [2025-03-03 14:26:22,560 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:22,561 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:22,561 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:22,561 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:22,561 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:22,562 INFO L87 Difference]: Start difference. First operand 2673 states and 4513 transitions. Second operand has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:22,653 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:22,653 INFO L93 Difference]: Finished difference Result 6421 states and 10934 transitions. [2025-03-03 14:26:22,653 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:22,654 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 169 [2025-03-03 14:26:22,654 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:22,676 INFO L225 Difference]: With dead ends: 6421 [2025-03-03 14:26:22,676 INFO L226 Difference]: Without dead ends: 3977 [2025-03-03 14:26:22,685 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:22,686 INFO L435 NwaCegarLoop]: 655 mSDtfsCounter, 130 mSDsluCounter, 649 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 148 SdHoareTripleChecker+Valid, 1304 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:22,686 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [148 Valid, 1304 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:22,691 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 3977 states. [2025-03-03 14:26:22,798 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 3977 to 3961. [2025-03-03 14:26:22,804 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3961 states, 3175 states have (on average 1.6481889763779527) internal successors, (5233), 3187 states have internal predecessors, (5233), 720 states have call successors, (720), 59 states have call predecessors, (720), 65 states have return successors, (810), 718 states have call predecessors, (810), 718 states have call successors, (810) [2025-03-03 14:26:22,818 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3961 states to 3961 states and 6763 transitions. [2025-03-03 14:26:22,822 INFO L78 Accepts]: Start accepts. Automaton has 3961 states and 6763 transitions. Word has length 169 [2025-03-03 14:26:22,822 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:22,822 INFO L471 AbstractCegarLoop]: Abstraction has 3961 states and 6763 transitions. [2025-03-03 14:26:22,823 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.0) internal successors, (102), 3 states have internal predecessors, (102), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:22,823 INFO L276 IsEmpty]: Start isEmpty. Operand 3961 states and 6763 transitions. [2025-03-03 14:26:22,839 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 171 [2025-03-03 14:26:22,839 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:22,839 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:22,839 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:26:22,839 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:22,840 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:22,840 INFO L85 PathProgramCache]: Analyzing trace with hash -1317115276, now seen corresponding path program 1 times [2025-03-03 14:26:22,840 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:22,840 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1125823603] [2025-03-03 14:26:22,840 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:22,840 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:22,858 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 170 statements into 1 equivalence classes. [2025-03-03 14:26:22,899 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 170 of 170 statements. [2025-03-03 14:26:22,899 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:22,899 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:22,935 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:22,935 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:22,935 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1125823603] [2025-03-03 14:26:22,935 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1125823603] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:22,935 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:22,935 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:22,935 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [541391937] [2025-03-03 14:26:22,935 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:22,935 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:22,935 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:22,936 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:22,936 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:22,936 INFO L87 Difference]: Start difference. First operand 3961 states and 6763 transitions. Second operand has 3 states, 3 states have (on average 34.333333333333336) internal successors, (103), 3 states have internal predecessors, (103), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:23,047 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:23,047 INFO L93 Difference]: Finished difference Result 9445 states and 16268 transitions. [2025-03-03 14:26:23,047 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:23,047 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.333333333333336) internal successors, (103), 3 states have internal predecessors, (103), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 170 [2025-03-03 14:26:23,048 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:23,088 INFO L225 Difference]: With dead ends: 9445 [2025-03-03 14:26:23,088 INFO L226 Difference]: Without dead ends: 5957 [2025-03-03 14:26:23,105 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:23,105 INFO L435 NwaCegarLoop]: 662 mSDtfsCounter, 128 mSDsluCounter, 647 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 1309 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:23,105 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 1309 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:23,111 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 5957 states. [2025-03-03 14:26:23,257 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 5957 to 5941. [2025-03-03 14:26:23,265 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5941 states, 4831 states have (on average 1.658248809770234) internal successors, (8011), 4843 states have internal predecessors, (8011), 1044 states have call successors, (1044), 59 states have call predecessors, (1044), 65 states have return successors, (1184), 1042 states have call predecessors, (1184), 1042 states have call successors, (1184) [2025-03-03 14:26:23,286 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5941 states to 5941 states and 10239 transitions. [2025-03-03 14:26:23,291 INFO L78 Accepts]: Start accepts. Automaton has 5941 states and 10239 transitions. Word has length 170 [2025-03-03 14:26:23,291 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:23,291 INFO L471 AbstractCegarLoop]: Abstraction has 5941 states and 10239 transitions. [2025-03-03 14:26:23,291 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.333333333333336) internal successors, (103), 3 states have internal predecessors, (103), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:23,291 INFO L276 IsEmpty]: Start isEmpty. Operand 5941 states and 10239 transitions. [2025-03-03 14:26:23,317 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 172 [2025-03-03 14:26:23,317 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:23,317 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:23,318 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:26:23,318 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:23,318 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:23,318 INFO L85 PathProgramCache]: Analyzing trace with hash 207926732, now seen corresponding path program 1 times [2025-03-03 14:26:23,318 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:23,318 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1274409245] [2025-03-03 14:26:23,318 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:23,318 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:23,335 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 171 statements into 1 equivalence classes. [2025-03-03 14:26:23,340 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 171 of 171 statements. [2025-03-03 14:26:23,341 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:23,341 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:23,372 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:23,372 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:23,372 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1274409245] [2025-03-03 14:26:23,372 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1274409245] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:23,372 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:23,372 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:23,373 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1386378656] [2025-03-03 14:26:23,373 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:23,373 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:23,373 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:23,374 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:23,374 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:23,374 INFO L87 Difference]: Start difference. First operand 5941 states and 10239 transitions. Second operand has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:23,590 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:23,591 INFO L93 Difference]: Finished difference Result 14231 states and 24722 transitions. [2025-03-03 14:26:23,591 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:23,591 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 171 [2025-03-03 14:26:23,591 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:23,632 INFO L225 Difference]: With dead ends: 14231 [2025-03-03 14:26:23,632 INFO L226 Difference]: Without dead ends: 9163 [2025-03-03 14:26:23,654 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:23,654 INFO L435 NwaCegarLoop]: 662 mSDtfsCounter, 126 mSDsluCounter, 647 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1309 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:23,655 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1309 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:26:23,663 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 9163 states. [2025-03-03 14:26:23,969 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 9163 to 9147. [2025-03-03 14:26:23,983 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 9147 states, 7547 states have (on average 1.665429972174374) internal successors, (12569), 7559 states have internal predecessors, (12569), 1534 states have call successors, (1534), 59 states have call predecessors, (1534), 65 states have return successors, (1757), 1532 states have call predecessors, (1757), 1532 states have call successors, (1757) [2025-03-03 14:26:24,016 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 9147 states to 9147 states and 15860 transitions. [2025-03-03 14:26:24,020 INFO L78 Accepts]: Start accepts. Automaton has 9147 states and 15860 transitions. Word has length 171 [2025-03-03 14:26:24,021 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:24,021 INFO L471 AbstractCegarLoop]: Abstraction has 9147 states and 15860 transitions. [2025-03-03 14:26:24,021 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 34.666666666666664) internal successors, (104), 3 states have internal predecessors, (104), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:24,021 INFO L276 IsEmpty]: Start isEmpty. Operand 9147 states and 15860 transitions. [2025-03-03 14:26:24,060 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 154 [2025-03-03 14:26:24,061 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:24,061 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:24,061 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:26:24,061 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:24,062 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:24,062 INFO L85 PathProgramCache]: Analyzing trace with hash -1975686266, now seen corresponding path program 1 times [2025-03-03 14:26:24,062 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:24,062 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1958441945] [2025-03-03 14:26:24,062 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:24,063 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:24,094 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 153 statements into 1 equivalence classes. [2025-03-03 14:26:24,104 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 153 of 153 statements. [2025-03-03 14:26:24,104 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:24,104 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:24,145 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:24,145 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:24,145 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1958441945] [2025-03-03 14:26:24,145 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1958441945] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:24,145 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:24,145 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:24,145 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1599805994] [2025-03-03 14:26:24,145 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:24,146 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:24,146 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:24,147 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:24,147 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:24,147 INFO L87 Difference]: Start difference. First operand 9147 states and 15860 transitions. Second operand has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:24,452 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:24,453 INFO L93 Difference]: Finished difference Result 22211 states and 38821 transitions. [2025-03-03 14:26:24,453 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:24,453 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) Word has length 153 [2025-03-03 14:26:24,453 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:24,513 INFO L225 Difference]: With dead ends: 22211 [2025-03-03 14:26:24,513 INFO L226 Difference]: Without dead ends: 14551 [2025-03-03 14:26:24,547 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:24,547 INFO L435 NwaCegarLoop]: 666 mSDtfsCounter, 124 mSDsluCounter, 645 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1311 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:24,548 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1311 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:24,560 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 14551 states. [2025-03-03 14:26:24,968 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 14551 to 14535. [2025-03-03 14:26:24,991 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 14535 states, 11949 states have (on average 1.665495020503808) internal successors, (19901), 11961 states have internal predecessors, (19901), 2520 states have call successors, (2520), 59 states have call predecessors, (2520), 65 states have return successors, (2887), 2518 states have call predecessors, (2887), 2518 states have call successors, (2887) [2025-03-03 14:26:25,035 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 14535 states to 14535 states and 25308 transitions. [2025-03-03 14:26:25,043 INFO L78 Accepts]: Start accepts. Automaton has 14535 states and 25308 transitions. Word has length 153 [2025-03-03 14:26:25,043 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:25,043 INFO L471 AbstractCegarLoop]: Abstraction has 14535 states and 25308 transitions. [2025-03-03 14:26:25,043 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 32.666666666666664) internal successors, (98), 3 states have internal predecessors, (98), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:25,043 INFO L276 IsEmpty]: Start isEmpty. Operand 14535 states and 25308 transitions. [2025-03-03 14:26:25,091 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 174 [2025-03-03 14:26:25,091 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:25,091 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:25,091 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:26:25,091 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:25,092 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:25,092 INFO L85 PathProgramCache]: Analyzing trace with hash 1780699531, now seen corresponding path program 1 times [2025-03-03 14:26:25,092 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:25,092 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1019662325] [2025-03-03 14:26:25,092 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:25,092 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:25,107 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 173 statements into 1 equivalence classes. [2025-03-03 14:26:25,113 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 173 of 173 statements. [2025-03-03 14:26:25,113 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:25,113 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:25,142 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:25,142 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:25,142 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1019662325] [2025-03-03 14:26:25,142 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1019662325] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:25,142 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:25,142 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:25,142 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [675945591] [2025-03-03 14:26:25,142 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:25,143 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:25,143 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:25,143 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:25,143 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:25,143 INFO L87 Difference]: Start difference. First operand 14535 states and 25308 transitions. Second operand has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:25,531 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:25,531 INFO L93 Difference]: Finished difference Result 36671 states and 64229 transitions. [2025-03-03 14:26:25,532 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:25,532 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 173 [2025-03-03 14:26:25,532 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:25,632 INFO L225 Difference]: With dead ends: 36671 [2025-03-03 14:26:25,632 INFO L226 Difference]: Without dead ends: 24365 [2025-03-03 14:26:25,669 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:25,669 INFO L435 NwaCegarLoop]: 655 mSDtfsCounter, 122 mSDsluCounter, 649 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1304 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:25,669 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1304 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:25,692 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 24365 states. [2025-03-03 14:26:26,352 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 24365 to 24349. [2025-03-03 14:26:26,393 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 24349 states, 20119 states have (on average 1.6669317560514936) internal successors, (33537), 20131 states have internal predecessors, (33537), 4164 states have call successors, (4164), 59 states have call predecessors, (4164), 65 states have return successors, (4720), 4162 states have call predecessors, (4720), 4162 states have call successors, (4720) [2025-03-03 14:26:26,481 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 24349 states to 24349 states and 42421 transitions. [2025-03-03 14:26:26,494 INFO L78 Accepts]: Start accepts. Automaton has 24349 states and 42421 transitions. Word has length 173 [2025-03-03 14:26:26,494 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:26,494 INFO L471 AbstractCegarLoop]: Abstraction has 24349 states and 42421 transitions. [2025-03-03 14:26:26,494 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 35.333333333333336) internal successors, (106), 3 states have internal predecessors, (106), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:26,494 INFO L276 IsEmpty]: Start isEmpty. Operand 24349 states and 42421 transitions. [2025-03-03 14:26:26,573 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 175 [2025-03-03 14:26:26,573 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:26,573 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:26,573 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:26:26,574 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:26,574 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:26,574 INFO L85 PathProgramCache]: Analyzing trace with hash -568409258, now seen corresponding path program 1 times [2025-03-03 14:26:26,574 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:26,574 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [939767667] [2025-03-03 14:26:26,574 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:26,575 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:26,596 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 174 statements into 1 equivalence classes. [2025-03-03 14:26:26,603 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 174 of 174 statements. [2025-03-03 14:26:26,603 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:26,603 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:26,645 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:26,645 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:26,645 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [939767667] [2025-03-03 14:26:26,645 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [939767667] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:26,645 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:26,645 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:26,646 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1585629010] [2025-03-03 14:26:26,646 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:26,646 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:26,646 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:26,647 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:26,647 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:26,647 INFO L87 Difference]: Start difference. First operand 24349 states and 42421 transitions. Second operand has 3 states, 3 states have (on average 35.666666666666664) internal successors, (107), 3 states have internal predecessors, (107), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:27,550 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:27,551 INFO L93 Difference]: Finished difference Result 58183 states and 101369 transitions. [2025-03-03 14:26:27,551 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:27,552 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 35.666666666666664) internal successors, (107), 3 states have internal predecessors, (107), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 174 [2025-03-03 14:26:27,552 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:27,742 INFO L225 Difference]: With dead ends: 58183 [2025-03-03 14:26:27,742 INFO L226 Difference]: Without dead ends: 37997 [2025-03-03 14:26:27,839 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:27,840 INFO L435 NwaCegarLoop]: 659 mSDtfsCounter, 120 mSDsluCounter, 621 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1280 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:27,841 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1280 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:27,876 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 37997 states. [2025-03-03 14:26:29,039 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 37997 to 37981. [2025-03-03 14:26:29,094 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 37981 states, 31345 states have (on average 1.6445047056946882) internal successors, (51547), 31357 states have internal predecessors, (51547), 6570 states have call successors, (6570), 59 states have call predecessors, (6570), 65 states have return successors, (7551), 6568 states have call predecessors, (7551), 6568 states have call successors, (7551) [2025-03-03 14:26:29,200 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 37981 states to 37981 states and 65668 transitions. [2025-03-03 14:26:29,217 INFO L78 Accepts]: Start accepts. Automaton has 37981 states and 65668 transitions. Word has length 174 [2025-03-03 14:26:29,217 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:29,217 INFO L471 AbstractCegarLoop]: Abstraction has 37981 states and 65668 transitions. [2025-03-03 14:26:29,217 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 35.666666666666664) internal successors, (107), 3 states have internal predecessors, (107), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:29,218 INFO L276 IsEmpty]: Start isEmpty. Operand 37981 states and 65668 transitions. [2025-03-03 14:26:29,298 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 157 [2025-03-03 14:26:29,299 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:29,299 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:29,299 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:26:29,299 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:29,299 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:29,300 INFO L85 PathProgramCache]: Analyzing trace with hash -2078367279, now seen corresponding path program 1 times [2025-03-03 14:26:29,300 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:29,300 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1105413] [2025-03-03 14:26:29,300 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:29,300 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:29,315 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 156 statements into 1 equivalence classes. [2025-03-03 14:26:29,322 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 156 of 156 statements. [2025-03-03 14:26:29,322 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:29,322 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:29,352 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:29,352 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:29,352 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1105413] [2025-03-03 14:26:29,352 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1105413] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:29,352 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:29,352 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:29,353 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [976939938] [2025-03-03 14:26:29,353 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:29,353 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:29,353 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:29,353 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:29,354 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:29,354 INFO L87 Difference]: Start difference. First operand 37981 states and 65668 transitions. Second operand has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:30,681 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:30,681 INFO L93 Difference]: Finished difference Result 100257 states and 174142 transitions. [2025-03-03 14:26:30,682 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:30,682 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) Word has length 156 [2025-03-03 14:26:30,682 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:30,970 INFO L225 Difference]: With dead ends: 100257 [2025-03-03 14:26:30,970 INFO L226 Difference]: Without dead ends: 67707 [2025-03-03 14:26:31,078 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:31,080 INFO L435 NwaCegarLoop]: 662 mSDtfsCounter, 118 mSDsluCounter, 650 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1312 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:31,081 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1312 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:31,134 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67707 states. [2025-03-03 14:26:33,198 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67707 to 67691. [2025-03-03 14:26:33,291 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67691 states, 56155 states have (on average 1.642258035793785) internal successors, (92221), 56167 states have internal predecessors, (92221), 11470 states have call successors, (11470), 59 states have call predecessors, (11470), 65 states have return successors, (13265), 11468 states have call predecessors, (13265), 11468 states have call successors, (13265) [2025-03-03 14:26:33,529 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67691 states to 67691 states and 116956 transitions. [2025-03-03 14:26:33,564 INFO L78 Accepts]: Start accepts. Automaton has 67691 states and 116956 transitions. Word has length 156 [2025-03-03 14:26:33,564 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:33,564 INFO L471 AbstractCegarLoop]: Abstraction has 67691 states and 116956 transitions. [2025-03-03 14:26:33,565 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 33.666666666666664) internal successors, (101), 3 states have internal predecessors, (101), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:33,565 INFO L276 IsEmpty]: Start isEmpty. Operand 67691 states and 116956 transitions. [2025-03-03 14:26:33,703 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 177 [2025-03-03 14:26:33,704 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:33,704 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:33,705 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-03 14:26:33,705 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:33,705 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:33,705 INFO L85 PathProgramCache]: Analyzing trace with hash 989346199, now seen corresponding path program 1 times [2025-03-03 14:26:33,705 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:33,706 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1874338049] [2025-03-03 14:26:33,706 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:33,706 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:33,723 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 176 statements into 1 equivalence classes. [2025-03-03 14:26:33,729 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 176 of 176 statements. [2025-03-03 14:26:33,729 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:33,729 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:33,760 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2025-03-03 14:26:33,760 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:33,760 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1874338049] [2025-03-03 14:26:33,760 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1874338049] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:33,760 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:33,760 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:33,761 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1199131699] [2025-03-03 14:26:33,761 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:33,761 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:33,761 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:33,761 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:33,761 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:33,762 INFO L87 Difference]: Start difference. First operand 67691 states and 116956 transitions. Second operand has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:36,594 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:36,595 INFO L93 Difference]: Finished difference Result 184441 states and 319326 transitions. [2025-03-03 14:26:36,595 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:36,595 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) Word has length 176 [2025-03-03 14:26:36,595 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:37,118 INFO L225 Difference]: With dead ends: 184441 [2025-03-03 14:26:37,118 INFO L226 Difference]: Without dead ends: 123995 [2025-03-03 14:26:37,455 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:37,456 INFO L435 NwaCegarLoop]: 663 mSDtfsCounter, 116 mSDsluCounter, 650 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1313 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:37,456 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1313 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:37,527 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 123995 states. [2025-03-03 14:26:41,467 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 123995 to 123979. [2025-03-03 14:26:41,578 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 123979 states, 103417 states have (on average 1.6387731224073412) internal successors, (169477), 103429 states have internal predecessors, (169477), 20496 states have call successors, (20496), 59 states have call predecessors, (20496), 65 states have return successors, (23355), 20494 states have call predecessors, (23355), 20494 states have call successors, (23355) [2025-03-03 14:26:41,923 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 123979 states to 123979 states and 213328 transitions. [2025-03-03 14:26:41,979 INFO L78 Accepts]: Start accepts. Automaton has 123979 states and 213328 transitions. Word has length 176 [2025-03-03 14:26:41,979 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:26:41,979 INFO L471 AbstractCegarLoop]: Abstraction has 123979 states and 213328 transitions. [2025-03-03 14:26:41,979 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 36.333333333333336) internal successors, (109), 3 states have internal predecessors, (109), 2 states have call successors, (23), 2 states have call predecessors, (23), 1 states have return successors, (20), 2 states have call predecessors, (20), 2 states have call successors, (20) [2025-03-03 14:26:41,980 INFO L276 IsEmpty]: Start isEmpty. Operand 123979 states and 213328 transitions. [2025-03-03 14:26:42,375 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 159 [2025-03-03 14:26:42,376 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:26:42,376 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:26:42,376 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable21 [2025-03-03 14:26:42,376 INFO L396 AbstractCegarLoop]: === Iteration 23 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:26:42,376 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:26:42,376 INFO L85 PathProgramCache]: Analyzing trace with hash -709452654, now seen corresponding path program 1 times [2025-03-03 14:26:42,377 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:26:42,377 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1993932571] [2025-03-03 14:26:42,377 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:26:42,377 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:26:42,391 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 158 statements into 1 equivalence classes. [2025-03-03 14:26:42,398 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 158 of 158 statements. [2025-03-03 14:26:42,398 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:26:42,398 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:26:42,423 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 38 trivial. 0 not checked. [2025-03-03 14:26:42,423 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:26:42,424 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1993932571] [2025-03-03 14:26:42,424 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1993932571] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:26:42,424 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:26:42,424 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:26:42,424 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [905873227] [2025-03-03 14:26:42,424 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:26:42,424 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:26:42,424 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:26:42,425 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:26:42,425 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:42,425 INFO L87 Difference]: Start difference. First operand 123979 states and 213328 transitions. Second operand has 3 states, 3 states have (on average 34.333333333333336) internal successors, (103), 3 states have internal predecessors, (103), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) [2025-03-03 14:26:46,009 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:26:46,009 INFO L93 Difference]: Finished difference Result 232167 states and 400427 transitions. [2025-03-03 14:26:46,009 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:26:46,009 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 34.333333333333336) internal successors, (103), 3 states have internal predecessors, (103), 2 states have call successors, (20), 2 states have call predecessors, (20), 1 states have return successors, (17), 2 states have call predecessors, (17), 2 states have call successors, (17) Word has length 158 [2025-03-03 14:26:46,010 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:26:46,869 INFO L225 Difference]: With dead ends: 232167 [2025-03-03 14:26:46,869 INFO L226 Difference]: Without dead ends: 231675 [2025-03-03 14:26:46,962 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:26:46,963 INFO L435 NwaCegarLoop]: 664 mSDtfsCounter, 111 mSDsluCounter, 654 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1318 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:26:46,963 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1318 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:26:47,091 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 231675 states.