./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/email_spec9_product21.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 798a7b37 Calling Ultimate with: /root/.sdkman/candidates/java/21.0.5-tem/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/email_spec9_product21.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash f4fee54ccb193d38705f292ec1df682c5f160e2b5ba09e341cb9a12b4e6b2606 --- Real Ultimate output --- This is Ultimate 0.3.0-?-798a7b3-m [2025-03-03 14:27:36,708 INFO L188 SettingsManager]: Resetting all preferences to default values... [2025-03-03 14:27:36,769 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2025-03-03 14:27:36,774 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2025-03-03 14:27:36,774 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2025-03-03 14:27:36,795 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2025-03-03 14:27:36,796 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2025-03-03 14:27:36,796 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2025-03-03 14:27:36,796 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2025-03-03 14:27:36,797 INFO L153 SettingsManager]: * Use memory slicer=true [2025-03-03 14:27:36,797 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2025-03-03 14:27:36,797 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2025-03-03 14:27:36,798 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Use SBE=true [2025-03-03 14:27:36,798 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * sizeof long=4 [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * sizeof POINTER=4 [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * sizeof long double=12 [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Behaviour of calls to undefined functions=OVERAPPROXIMATE_BEHAVIOUR [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Use constant arrays=true [2025-03-03 14:27:36,798 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2025-03-03 14:27:36,798 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:27:36,799 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * Compute procedure contracts=false [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2025-03-03 14:27:36,799 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> f4fee54ccb193d38705f292ec1df682c5f160e2b5ba09e341cb9a12b4e6b2606 [2025-03-03 14:27:37,018 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2025-03-03 14:27:37,024 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2025-03-03 14:27:37,026 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2025-03-03 14:27:37,026 INFO L270 PluginConnector]: Initializing CDTParser... [2025-03-03 14:27:37,026 INFO L274 PluginConnector]: CDTParser initialized [2025-03-03 14:27:37,027 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/email_spec9_product21.cil.c [2025-03-03 14:27:38,135 INFO L533 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/46122dc95/11837124de4c421b9dd4fe89001a0f68/FLAGa410d070d [2025-03-03 14:27:38,494 INFO L384 CDTParser]: Found 1 translation units. [2025-03-03 14:27:38,495 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec9_product21.cil.c [2025-03-03 14:27:38,516 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/46122dc95/11837124de4c421b9dd4fe89001a0f68/FLAGa410d070d [2025-03-03 14:27:38,700 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/46122dc95/11837124de4c421b9dd4fe89001a0f68 [2025-03-03 14:27:38,702 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2025-03-03 14:27:38,704 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2025-03-03 14:27:38,706 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2025-03-03 14:27:38,706 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2025-03-03 14:27:38,709 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2025-03-03 14:27:38,710 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:27:38" (1/1) ... [2025-03-03 14:27:38,711 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@76190fed and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:38, skipping insertion in model container [2025-03-03 14:27:38,711 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.03 02:27:38" (1/1) ... [2025-03-03 14:27:38,754 INFO L175 MainTranslator]: Built tables and reachable declarations [2025-03-03 14:27:38,919 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec9_product21.cil.c[10263,10276] [2025-03-03 14:27:39,066 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:27:39,078 INFO L200 MainTranslator]: Completed pre-run [2025-03-03 14:27:39,083 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [48] [2025-03-03 14:27:39,084 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [393] [2025-03-03 14:27:39,084 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [498] [2025-03-03 14:27:39,084 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [507] [2025-03-03 14:27:39,084 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [545] [2025-03-03 14:27:39,084 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [562] [2025-03-03 14:27:39,084 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [1634] [2025-03-03 14:27:39,084 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EncryptForward_spec.i","") [2037] [2025-03-03 14:27:39,084 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [2079] [2025-03-03 14:27:39,084 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [2308] [2025-03-03 14:27:39,085 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [2596] [2025-03-03 14:27:39,098 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/email_spec9_product21.cil.c[10263,10276] [2025-03-03 14:27:39,138 INFO L210 PostProcessor]: Analyzing one entry point: main [2025-03-03 14:27:39,162 INFO L204 MainTranslator]: Completed translation [2025-03-03 14:27:39,163 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39 WrapperNode [2025-03-03 14:27:39,163 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2025-03-03 14:27:39,164 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2025-03-03 14:27:39,164 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2025-03-03 14:27:39,164 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2025-03-03 14:27:39,170 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,188 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,232 INFO L138 Inliner]: procedures = 129, calls = 200, calls flagged for inlining = 58, calls inlined = 55, statements flattened = 1074 [2025-03-03 14:27:39,232 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2025-03-03 14:27:39,233 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2025-03-03 14:27:39,233 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2025-03-03 14:27:39,233 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2025-03-03 14:27:39,241 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,242 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,251 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,273 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2025-03-03 14:27:39,273 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,273 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,295 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,297 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,303 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,308 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,313 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2025-03-03 14:27:39,315 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2025-03-03 14:27:39,315 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2025-03-03 14:27:39,315 INFO L274 PluginConnector]: IcfgBuilder initialized [2025-03-03 14:27:39,315 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (1/1) ... [2025-03-03 14:27:39,320 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2025-03-03 14:27:39,329 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:39,340 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2025-03-03 14:27:39,342 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2025-03-03 14:27:39,360 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2025-03-03 14:27:39,360 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2025-03-03 14:27:39,360 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2025-03-03 14:27:39,360 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2025-03-03 14:27:39,360 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2025-03-03 14:27:39,360 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2025-03-03 14:27:39,360 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2025-03-03 14:27:39,360 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2025-03-03 14:27:39,360 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2025-03-03 14:27:39,360 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2025-03-03 14:27:39,360 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2025-03-03 14:27:39,360 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2025-03-03 14:27:39,360 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2025-03-03 14:27:39,360 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2025-03-03 14:27:39,360 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2025-03-03 14:27:39,360 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2025-03-03 14:27:39,360 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2025-03-03 14:27:39,361 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2025-03-03 14:27:39,361 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2025-03-03 14:27:39,362 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2025-03-03 14:27:39,362 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2025-03-03 14:27:39,362 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2025-03-03 14:27:39,516 INFO L256 CfgBuilder]: Building ICFG [2025-03-03 14:27:39,518 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2025-03-03 14:27:39,602 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1268: #res#1 := ~retValue_acc~23#1; [2025-03-03 14:27:39,603 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1223-1: getClientKeyringSize_#res#1 := getClientKeyringSize_~retValue_acc~22#1; [2025-03-03 14:27:39,812 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1564-1: getClientForwardReceiver_#res#1 := getClientForwardReceiver_~retValue_acc~27#1; [2025-03-03 14:27:39,812 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1176-1: getClientPrivateKey_#res#1 := getClientPrivateKey_~retValue_acc~21#1; [2025-03-03 14:27:39,813 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1681-1: getEmailId_#res#1 := getEmailId_~retValue_acc~30#1; [2025-03-03 14:27:39,813 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L451-1: isReadable__wrappee__Keys_#res#1 := isReadable__wrappee__Keys_~retValue_acc~5#1; [2025-03-03 14:27:39,813 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1492-1: findPublicKey_#res#1 := findPublicKey_~retValue_acc~26#1; [2025-03-03 14:27:39,813 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L361-1: isKeyPairValid_#res#1 := isKeyPairValid_~retValue_acc~4#1; [2025-03-03 14:27:39,813 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L471-1: isReadable_#res#1 := isReadable_~retValue_acc~6#1; [2025-03-03 14:27:39,813 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1718-1: getEmailFrom_#res#1 := getEmailFrom_~retValue_acc~31#1; [2025-03-03 14:27:39,813 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1611-1: getClientId_#res#1 := getClientId_~retValue_acc~28#1; [2025-03-03 14:27:39,828 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L495-1: createEmail_#res#1 := createEmail_~retValue_acc~8#1; [2025-03-03 14:27:39,836 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L720: #res := ~retValue_acc~15; [2025-03-03 14:27:39,849 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1870: #res := ~retValue_acc~35; [2025-03-03 14:27:39,879 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1907: #res := ~retValue_acc~36; [2025-03-03 14:27:39,897 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1755: #res := ~retValue_acc~32; [2025-03-03 14:27:39,943 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1046: #res := ~retValue_acc~19; [2025-03-03 14:27:40,161 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L318-1: is_queue_empty_#res#1 := is_queue_empty_~retValue_acc~1#1; [2025-03-03 14:27:40,161 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L336-1: get_queued_email_#res#1 := get_queued_email_~retValue_acc~3#1; [2025-03-03 14:27:40,162 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1331-1: getClientKeyringUser_#res#1 := getClientKeyringUser_~retValue_acc~24#1; [2025-03-03 14:27:40,162 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L327-1: get_queued_client_#res#1 := get_queued_client_~retValue_acc~2#1; [2025-03-03 14:27:40,162 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L542-1: valid_product_#res#1 := valid_product_~retValue_acc~10#1; [2025-03-03 14:27:40,162 INFO L1325 $ProcedureCfgBuilder]: dead code at ProgramPoint L1438-1: getClientKeyringPublicKey_#res#1 := getClientKeyringPublicKey_~retValue_acc~25#1; [2025-03-03 14:27:40,283 INFO L? ?]: Removed 524 outVars from TransFormulas that were not future-live. [2025-03-03 14:27:40,283 INFO L307 CfgBuilder]: Performing block encoding [2025-03-03 14:27:40,295 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2025-03-03 14:27:40,296 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2025-03-03 14:27:40,296 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:27:40 BoogieIcfgContainer [2025-03-03 14:27:40,296 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2025-03-03 14:27:40,297 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2025-03-03 14:27:40,297 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2025-03-03 14:27:40,303 INFO L274 PluginConnector]: TraceAbstraction initialized [2025-03-03 14:27:40,303 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.03 02:27:38" (1/3) ... [2025-03-03 14:27:40,304 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4ae85ffc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:27:40, skipping insertion in model container [2025-03-03 14:27:40,304 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.03 02:27:39" (2/3) ... [2025-03-03 14:27:40,305 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4ae85ffc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.03 02:27:40, skipping insertion in model container [2025-03-03 14:27:40,305 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 03.03 02:27:40" (3/3) ... [2025-03-03 14:27:40,306 INFO L128 eAbstractionObserver]: Analyzing ICFG email_spec9_product21.cil.c [2025-03-03 14:27:40,315 INFO L216 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2025-03-03 14:27:40,318 INFO L151 ceAbstractionStarter]: Applying trace abstraction to ICFG email_spec9_product21.cil.c that has 22 procedures, 376 locations, 1 initial locations, 1 loop locations, and 1 error locations. [2025-03-03 14:27:40,371 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2025-03-03 14:27:40,378 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@2d35e032, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2025-03-03 14:27:40,379 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2025-03-03 14:27:40,384 INFO L276 IsEmpty]: Start isEmpty. Operand has 376 states, 296 states have (on average 1.5675675675675675) internal successors, (464), 301 states have internal predecessors, (464), 57 states have call successors, (57), 21 states have call predecessors, (57), 21 states have return successors, (57), 56 states have call predecessors, (57), 57 states have call successors, (57) [2025-03-03 14:27:40,398 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2025-03-03 14:27:40,398 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:40,399 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:40,399 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:40,402 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:40,402 INFO L85 PathProgramCache]: Analyzing trace with hash -856979324, now seen corresponding path program 1 times [2025-03-03 14:27:40,407 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:40,407 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [773946648] [2025-03-03 14:27:40,407 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:40,407 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:40,482 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 98 statements into 1 equivalence classes. [2025-03-03 14:27:40,533 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 98 of 98 statements. [2025-03-03 14:27:40,534 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:40,535 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:40,950 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:27:40,950 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:40,951 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [773946648] [2025-03-03 14:27:40,951 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [773946648] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:40,951 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1475600129] [2025-03-03 14:27:40,951 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:40,951 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:40,951 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:40,953 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:40,954 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2025-03-03 14:27:41,082 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 98 statements into 1 equivalence classes. [2025-03-03 14:27:41,192 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 98 of 98 statements. [2025-03-03 14:27:41,192 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:41,192 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:41,197 INFO L256 TraceCheckSpWp]: Trace formula consists of 998 conjuncts, 1 conjuncts are in the unsatisfiable core [2025-03-03 14:27:41,201 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:41,216 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:27:41,217 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:27:41,217 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1475600129] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:41,217 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:27:41,218 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [5] total 5 [2025-03-03 14:27:41,219 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [85938695] [2025-03-03 14:27:41,219 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:41,222 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2025-03-03 14:27:41,223 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:41,238 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2025-03-03 14:27:41,239 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:41,241 INFO L87 Difference]: Start difference. First operand has 376 states, 296 states have (on average 1.5675675675675675) internal successors, (464), 301 states have internal predecessors, (464), 57 states have call successors, (57), 21 states have call predecessors, (57), 21 states have return successors, (57), 56 states have call predecessors, (57), 57 states have call successors, (57) Second operand has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:41,291 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:41,291 INFO L93 Difference]: Finished difference Result 560 states and 848 transitions. [2025-03-03 14:27:41,293 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2025-03-03 14:27:41,294 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 98 [2025-03-03 14:27:41,294 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:41,302 INFO L225 Difference]: With dead ends: 560 [2025-03-03 14:27:41,302 INFO L226 Difference]: Without dead ends: 369 [2025-03-03 14:27:41,308 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 102 GetRequests, 99 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:41,310 INFO L435 NwaCegarLoop]: 575 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 575 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:41,311 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 575 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:41,322 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 369 states. [2025-03-03 14:27:41,344 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 369 to 369. [2025-03-03 14:27:41,345 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 369 states, 290 states have (on average 1.5655172413793104) internal successors, (454), 294 states have internal predecessors, (454), 57 states have call successors, (57), 21 states have call predecessors, (57), 21 states have return successors, (56), 55 states have call predecessors, (56), 56 states have call successors, (56) [2025-03-03 14:27:41,350 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 369 states to 369 states and 567 transitions. [2025-03-03 14:27:41,352 INFO L78 Accepts]: Start accepts. Automaton has 369 states and 567 transitions. Word has length 98 [2025-03-03 14:27:41,353 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:41,353 INFO L471 AbstractCegarLoop]: Abstraction has 369 states and 567 transitions. [2025-03-03 14:27:41,353 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 28.0) internal successors, (56), 2 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:41,353 INFO L276 IsEmpty]: Start isEmpty. Operand 369 states and 567 transitions. [2025-03-03 14:27:41,356 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 100 [2025-03-03 14:27:41,356 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:41,356 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:41,364 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2025-03-03 14:27:41,557 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2025-03-03 14:27:41,557 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:41,558 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:41,558 INFO L85 PathProgramCache]: Analyzing trace with hash -396551088, now seen corresponding path program 1 times [2025-03-03 14:27:41,558 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:41,558 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2099414215] [2025-03-03 14:27:41,558 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:41,558 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:41,592 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 99 statements into 1 equivalence classes. [2025-03-03 14:27:41,604 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 99 of 99 statements. [2025-03-03 14:27:41,604 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:41,607 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:41,760 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2025-03-03 14:27:41,760 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:41,760 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2099414215] [2025-03-03 14:27:41,761 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2099414215] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:41,761 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1761773881] [2025-03-03 14:27:41,761 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:41,761 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:41,761 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:41,765 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:41,765 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2025-03-03 14:27:41,884 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 99 statements into 1 equivalence classes. [2025-03-03 14:27:41,988 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 99 of 99 statements. [2025-03-03 14:27:41,988 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:41,988 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:41,991 INFO L256 TraceCheckSpWp]: Trace formula consists of 999 conjuncts, 2 conjuncts are in the unsatisfiable core [2025-03-03 14:27:41,994 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:42,010 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:27:42,010 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:27:42,010 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1761773881] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:42,010 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:27:42,010 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:27:42,010 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1663391950] [2025-03-03 14:27:42,010 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:42,011 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:42,011 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:42,011 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:42,011 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:27:42,011 INFO L87 Difference]: Start difference. First operand 369 states and 567 transitions. Second operand has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:42,043 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:42,043 INFO L93 Difference]: Finished difference Result 549 states and 826 transitions. [2025-03-03 14:27:42,044 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:42,044 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 99 [2025-03-03 14:27:42,044 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:42,046 INFO L225 Difference]: With dead ends: 549 [2025-03-03 14:27:42,046 INFO L226 Difference]: Without dead ends: 371 [2025-03-03 14:27:42,047 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 103 GetRequests, 99 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:27:42,047 INFO L435 NwaCegarLoop]: 566 mSDtfsCounter, 0 mSDsluCounter, 564 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 1130 SdHoareTripleChecker+Invalid, 3 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:42,048 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 1130 Invalid, 3 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:42,048 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 371 states. [2025-03-03 14:27:42,070 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 371 to 371. [2025-03-03 14:27:42,071 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 371 states, 292 states have (on average 1.5616438356164384) internal successors, (456), 296 states have internal predecessors, (456), 57 states have call successors, (57), 21 states have call predecessors, (57), 21 states have return successors, (56), 55 states have call predecessors, (56), 56 states have call successors, (56) [2025-03-03 14:27:42,075 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 371 states to 371 states and 569 transitions. [2025-03-03 14:27:42,075 INFO L78 Accepts]: Start accepts. Automaton has 371 states and 569 transitions. Word has length 99 [2025-03-03 14:27:42,076 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:42,076 INFO L471 AbstractCegarLoop]: Abstraction has 371 states and 569 transitions. [2025-03-03 14:27:42,076 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 19.0) internal successors, (57), 3 states have internal predecessors, (57), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:42,076 INFO L276 IsEmpty]: Start isEmpty. Operand 371 states and 569 transitions. [2025-03-03 14:27:42,078 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 105 [2025-03-03 14:27:42,078 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:42,078 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:42,087 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2025-03-03 14:27:42,279 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2025-03-03 14:27:42,279 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:42,280 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:42,280 INFO L85 PathProgramCache]: Analyzing trace with hash -1053158311, now seen corresponding path program 1 times [2025-03-03 14:27:42,280 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:42,280 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [983479305] [2025-03-03 14:27:42,280 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:42,280 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:42,295 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 104 statements into 1 equivalence classes. [2025-03-03 14:27:42,299 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 104 of 104 statements. [2025-03-03 14:27:42,300 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:42,300 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:42,468 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:27:42,470 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:42,470 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [983479305] [2025-03-03 14:27:42,470 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [983479305] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:42,470 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [796197796] [2025-03-03 14:27:42,470 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:42,470 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:42,471 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:42,473 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:42,476 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2025-03-03 14:27:42,596 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 104 statements into 1 equivalence classes. [2025-03-03 14:27:42,698 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 104 of 104 statements. [2025-03-03 14:27:42,698 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:42,698 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:42,701 INFO L256 TraceCheckSpWp]: Trace formula consists of 1011 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:27:42,707 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:42,722 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2025-03-03 14:27:42,725 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:27:42,725 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [796197796] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:42,725 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:27:42,725 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2025-03-03 14:27:42,725 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1820593624] [2025-03-03 14:27:42,726 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:42,726 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:42,726 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:42,727 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:42,727 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:27:42,728 INFO L87 Difference]: Start difference. First operand 371 states and 569 transitions. Second operand has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:42,764 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:42,765 INFO L93 Difference]: Finished difference Result 789 states and 1229 transitions. [2025-03-03 14:27:42,769 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:42,769 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 104 [2025-03-03 14:27:42,769 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:42,772 INFO L225 Difference]: With dead ends: 789 [2025-03-03 14:27:42,773 INFO L226 Difference]: Without dead ends: 445 [2025-03-03 14:27:42,774 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 108 GetRequests, 104 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2025-03-03 14:27:42,775 INFO L435 NwaCegarLoop]: 577 mSDtfsCounter, 134 mSDsluCounter, 520 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 152 SdHoareTripleChecker+Valid, 1097 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:42,775 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [152 Valid, 1097 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:42,776 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 445 states. [2025-03-03 14:27:42,790 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 445 to 437. [2025-03-03 14:27:42,791 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 437 states, 344 states have (on average 1.5813953488372092) internal successors, (544), 348 states have internal predecessors, (544), 71 states have call successors, (71), 21 states have call predecessors, (71), 21 states have return successors, (70), 69 states have call predecessors, (70), 70 states have call successors, (70) [2025-03-03 14:27:42,793 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 437 states to 437 states and 685 transitions. [2025-03-03 14:27:42,794 INFO L78 Accepts]: Start accepts. Automaton has 437 states and 685 transitions. Word has length 104 [2025-03-03 14:27:42,794 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:42,794 INFO L471 AbstractCegarLoop]: Abstraction has 437 states and 685 transitions. [2025-03-03 14:27:42,794 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 20.666666666666668) internal successors, (62), 3 states have internal predecessors, (62), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:42,794 INFO L276 IsEmpty]: Start isEmpty. Operand 437 states and 685 transitions. [2025-03-03 14:27:42,796 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 106 [2025-03-03 14:27:42,796 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:42,796 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:42,804 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2025-03-03 14:27:43,000 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:43,000 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:43,001 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:43,001 INFO L85 PathProgramCache]: Analyzing trace with hash -716872789, now seen corresponding path program 1 times [2025-03-03 14:27:43,001 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:43,001 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1195838111] [2025-03-03 14:27:43,001 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:43,001 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:43,017 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 105 statements into 1 equivalence classes. [2025-03-03 14:27:43,026 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 105 of 105 statements. [2025-03-03 14:27:43,027 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:43,027 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:43,160 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:27:43,161 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:43,161 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1195838111] [2025-03-03 14:27:43,161 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1195838111] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:43,161 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [313016777] [2025-03-03 14:27:43,162 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:43,162 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:43,162 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:43,167 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:43,169 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2025-03-03 14:27:43,283 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 105 statements into 1 equivalence classes. [2025-03-03 14:27:43,370 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 105 of 105 statements. [2025-03-03 14:27:43,371 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:43,371 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:43,375 INFO L256 TraceCheckSpWp]: Trace formula consists of 1016 conjuncts, 8 conjuncts are in the unsatisfiable core [2025-03-03 14:27:43,378 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:43,429 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:27:43,429 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:27:43,429 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [313016777] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:43,429 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:27:43,429 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 8 [2025-03-03 14:27:43,429 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [118428653] [2025-03-03 14:27:43,429 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:43,430 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:43,430 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:43,430 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:43,430 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:27:43,431 INFO L87 Difference]: Start difference. First operand 437 states and 685 transitions. Second operand has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:43,496 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:43,497 INFO L93 Difference]: Finished difference Result 865 states and 1360 transitions. [2025-03-03 14:27:43,499 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:43,500 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 105 [2025-03-03 14:27:43,500 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:43,502 INFO L225 Difference]: With dead ends: 865 [2025-03-03 14:27:43,502 INFO L226 Difference]: Without dead ends: 439 [2025-03-03 14:27:43,506 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 109 GetRequests, 103 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2025-03-03 14:27:43,508 INFO L435 NwaCegarLoop]: 559 mSDtfsCounter, 2 mSDsluCounter, 1666 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2225 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:43,508 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2225 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:43,510 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 439 states. [2025-03-03 14:27:43,530 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 439 to 439. [2025-03-03 14:27:43,531 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 439 states, 345 states have (on average 1.5797101449275361) internal successors, (545), 350 states have internal predecessors, (545), 71 states have call successors, (71), 21 states have call predecessors, (71), 22 states have return successors, (72), 69 states have call predecessors, (72), 70 states have call successors, (72) [2025-03-03 14:27:43,534 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 439 states to 439 states and 688 transitions. [2025-03-03 14:27:43,535 INFO L78 Accepts]: Start accepts. Automaton has 439 states and 688 transitions. Word has length 105 [2025-03-03 14:27:43,536 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:43,536 INFO L471 AbstractCegarLoop]: Abstraction has 439 states and 688 transitions. [2025-03-03 14:27:43,536 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 17.75) internal successors, (71), 5 states have internal predecessors, (71), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:43,536 INFO L276 IsEmpty]: Start isEmpty. Operand 439 states and 688 transitions. [2025-03-03 14:27:43,538 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2025-03-03 14:27:43,539 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:43,539 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:43,547 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2025-03-03 14:27:43,740 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:43,740 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:43,740 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:43,740 INFO L85 PathProgramCache]: Analyzing trace with hash -2115738551, now seen corresponding path program 1 times [2025-03-03 14:27:43,740 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:43,740 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1944557552] [2025-03-03 14:27:43,741 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:43,741 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:43,754 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 106 statements into 1 equivalence classes. [2025-03-03 14:27:43,761 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 106 of 106 statements. [2025-03-03 14:27:43,761 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:43,761 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:43,890 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2025-03-03 14:27:43,890 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:43,890 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1944557552] [2025-03-03 14:27:43,890 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1944557552] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:43,890 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1595739222] [2025-03-03 14:27:43,890 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:43,890 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:43,891 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:43,892 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:43,894 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2025-03-03 14:27:44,008 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 106 statements into 1 equivalence classes. [2025-03-03 14:27:44,096 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 106 of 106 statements. [2025-03-03 14:27:44,097 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:44,097 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:44,103 INFO L256 TraceCheckSpWp]: Trace formula consists of 1017 conjuncts, 6 conjuncts are in the unsatisfiable core [2025-03-03 14:27:44,106 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:44,142 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2025-03-03 14:27:44,142 INFO L308 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2025-03-03 14:27:44,142 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1595739222] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:44,143 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2025-03-03 14:27:44,143 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [8] total 11 [2025-03-03 14:27:44,143 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2100818032] [2025-03-03 14:27:44,143 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:44,143 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:44,143 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:44,144 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:44,144 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:27:44,144 INFO L87 Difference]: Start difference. First operand 439 states and 688 transitions. Second operand has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:44,206 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:44,206 INFO L93 Difference]: Finished difference Result 867 states and 1365 transitions. [2025-03-03 14:27:44,207 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:44,208 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 106 [2025-03-03 14:27:44,208 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:44,213 INFO L225 Difference]: With dead ends: 867 [2025-03-03 14:27:44,213 INFO L226 Difference]: Without dead ends: 441 [2025-03-03 14:27:44,215 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 113 GetRequests, 104 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2025-03-03 14:27:44,215 INFO L435 NwaCegarLoop]: 557 mSDtfsCounter, 2 mSDsluCounter, 1654 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2211 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:44,215 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2211 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:44,216 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 441 states. [2025-03-03 14:27:44,236 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 441 to 441. [2025-03-03 14:27:44,237 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 441 states, 346 states have (on average 1.5780346820809248) internal successors, (546), 352 states have internal predecessors, (546), 71 states have call successors, (71), 21 states have call predecessors, (71), 23 states have return successors, (77), 69 states have call predecessors, (77), 70 states have call successors, (77) [2025-03-03 14:27:44,240 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 441 states to 441 states and 694 transitions. [2025-03-03 14:27:44,241 INFO L78 Accepts]: Start accepts. Automaton has 441 states and 694 transitions. Word has length 106 [2025-03-03 14:27:44,241 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:44,241 INFO L471 AbstractCegarLoop]: Abstraction has 441 states and 694 transitions. [2025-03-03 14:27:44,241 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 14.6) internal successors, (73), 5 states have internal predecessors, (73), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:44,241 INFO L276 IsEmpty]: Start isEmpty. Operand 441 states and 694 transitions. [2025-03-03 14:27:44,243 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 108 [2025-03-03 14:27:44,243 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:44,243 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:44,251 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2025-03-03 14:27:44,443 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:44,443 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:44,444 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:44,444 INFO L85 PathProgramCache]: Analyzing trace with hash 1653054644, now seen corresponding path program 1 times [2025-03-03 14:27:44,444 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:44,444 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [611417499] [2025-03-03 14:27:44,444 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:44,444 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:44,460 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 107 statements into 1 equivalence classes. [2025-03-03 14:27:44,471 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 107 of 107 statements. [2025-03-03 14:27:44,471 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:44,471 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:44,577 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2025-03-03 14:27:44,577 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:44,577 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [611417499] [2025-03-03 14:27:44,577 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [611417499] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:44,578 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:44,578 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:27:44,578 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1732629605] [2025-03-03 14:27:44,578 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:44,578 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:44,578 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:44,579 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:44,579 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:44,579 INFO L87 Difference]: Start difference. First operand 441 states and 694 transitions. Second operand has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:44,614 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:44,614 INFO L93 Difference]: Finished difference Result 859 states and 1356 transitions. [2025-03-03 14:27:44,614 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:44,614 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 107 [2025-03-03 14:27:44,615 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:44,617 INFO L225 Difference]: With dead ends: 859 [2025-03-03 14:27:44,618 INFO L226 Difference]: Without dead ends: 441 [2025-03-03 14:27:44,619 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:44,620 INFO L435 NwaCegarLoop]: 560 mSDtfsCounter, 2 mSDsluCounter, 1669 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2229 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:44,621 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2229 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:44,621 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 441 states. [2025-03-03 14:27:44,640 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 441 to 441. [2025-03-03 14:27:44,642 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 441 states, 346 states have (on average 1.5780346820809248) internal successors, (546), 352 states have internal predecessors, (546), 71 states have call successors, (71), 21 states have call predecessors, (71), 23 states have return successors, (76), 69 states have call predecessors, (76), 70 states have call successors, (76) [2025-03-03 14:27:44,644 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 441 states to 441 states and 693 transitions. [2025-03-03 14:27:44,645 INFO L78 Accepts]: Start accepts. Automaton has 441 states and 693 transitions. Word has length 107 [2025-03-03 14:27:44,646 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:44,646 INFO L471 AbstractCegarLoop]: Abstraction has 441 states and 693 transitions. [2025-03-03 14:27:44,646 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 17.25) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:44,646 INFO L276 IsEmpty]: Start isEmpty. Operand 441 states and 693 transitions. [2025-03-03 14:27:44,648 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 109 [2025-03-03 14:27:44,649 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:44,649 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:44,649 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2025-03-03 14:27:44,649 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:44,650 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:44,650 INFO L85 PathProgramCache]: Analyzing trace with hash 513224820, now seen corresponding path program 2 times [2025-03-03 14:27:44,650 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:44,650 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2096967019] [2025-03-03 14:27:44,650 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2025-03-03 14:27:44,650 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:44,665 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 partitioned 108 statements into 2 equivalence classes. [2025-03-03 14:27:44,678 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) and asserted 108 of 108 statements. [2025-03-03 14:27:44,678 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2025-03-03 14:27:44,678 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:44,762 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:27:44,762 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:44,762 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2096967019] [2025-03-03 14:27:44,762 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2096967019] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:44,762 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:44,762 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:27:44,763 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1050167170] [2025-03-03 14:27:44,763 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:44,763 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:44,763 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:44,763 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:44,763 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:44,764 INFO L87 Difference]: Start difference. First operand 441 states and 693 transitions. Second operand has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:44,811 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:44,811 INFO L93 Difference]: Finished difference Result 857 states and 1351 transitions. [2025-03-03 14:27:44,812 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:44,812 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 108 [2025-03-03 14:27:44,812 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:44,814 INFO L225 Difference]: With dead ends: 857 [2025-03-03 14:27:44,814 INFO L226 Difference]: Without dead ends: 441 [2025-03-03 14:27:44,816 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:44,817 INFO L435 NwaCegarLoop]: 558 mSDtfsCounter, 2 mSDsluCounter, 1657 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 2215 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:44,817 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 2215 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:44,819 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 441 states. [2025-03-03 14:27:44,829 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 441 to 441. [2025-03-03 14:27:44,830 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 441 states, 346 states have (on average 1.5780346820809248) internal successors, (546), 352 states have internal predecessors, (546), 71 states have call successors, (71), 21 states have call predecessors, (71), 23 states have return successors, (75), 69 states have call predecessors, (75), 70 states have call successors, (75) [2025-03-03 14:27:44,833 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 441 states to 441 states and 692 transitions. [2025-03-03 14:27:44,833 INFO L78 Accepts]: Start accepts. Automaton has 441 states and 692 transitions. Word has length 108 [2025-03-03 14:27:44,834 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:44,834 INFO L471 AbstractCegarLoop]: Abstraction has 441 states and 692 transitions. [2025-03-03 14:27:44,834 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:44,834 INFO L276 IsEmpty]: Start isEmpty. Operand 441 states and 692 transitions. [2025-03-03 14:27:44,836 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 110 [2025-03-03 14:27:44,836 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:44,836 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:44,836 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2025-03-03 14:27:44,836 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:44,836 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:44,837 INFO L85 PathProgramCache]: Analyzing trace with hash 2076173505, now seen corresponding path program 3 times [2025-03-03 14:27:44,837 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:44,837 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1133293080] [2025-03-03 14:27:44,837 INFO L95 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2025-03-03 14:27:44,837 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:44,855 INFO L108 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 partitioned 109 statements into 3 equivalence classes. [2025-03-03 14:27:44,865 INFO L111 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) and asserted 97 of 109 statements. [2025-03-03 14:27:44,865 INFO L114 AnnotateAndAsserter]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2025-03-03 14:27:44,865 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:44,946 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:27:44,946 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:44,946 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1133293080] [2025-03-03 14:27:44,946 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1133293080] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:44,946 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:44,946 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:27:44,947 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1211191974] [2025-03-03 14:27:44,947 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:44,947 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:44,947 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:44,947 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:44,947 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:44,948 INFO L87 Difference]: Start difference. First operand 441 states and 692 transitions. Second operand has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:44,994 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:44,994 INFO L93 Difference]: Finished difference Result 859 states and 1357 transitions. [2025-03-03 14:27:44,995 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:44,995 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 109 [2025-03-03 14:27:44,995 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:44,997 INFO L225 Difference]: With dead ends: 859 [2025-03-03 14:27:44,997 INFO L226 Difference]: Without dead ends: 443 [2025-03-03 14:27:44,998 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:44,999 INFO L435 NwaCegarLoop]: 561 mSDtfsCounter, 1 mSDsluCounter, 1665 mSDsCounter, 0 mSdLazyCounter, 49 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2226 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 49 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:44,999 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2226 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 49 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:44,999 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 443 states. [2025-03-03 14:27:45,009 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 443 to 443. [2025-03-03 14:27:45,009 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 443 states, 347 states have (on average 1.5763688760806915) internal successors, (547), 354 states have internal predecessors, (547), 71 states have call successors, (71), 21 states have call predecessors, (71), 24 states have return successors, (80), 69 states have call predecessors, (80), 70 states have call successors, (80) [2025-03-03 14:27:45,012 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 443 states to 443 states and 698 transitions. [2025-03-03 14:27:45,012 INFO L78 Accepts]: Start accepts. Automaton has 443 states and 698 transitions. Word has length 109 [2025-03-03 14:27:45,012 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:45,013 INFO L471 AbstractCegarLoop]: Abstraction has 443 states and 698 transitions. [2025-03-03 14:27:45,013 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 14.0) internal successors, (70), 5 states have internal predecessors, (70), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:45,013 INFO L276 IsEmpty]: Start isEmpty. Operand 443 states and 698 transitions. [2025-03-03 14:27:45,014 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2025-03-03 14:27:45,014 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:45,014 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:45,014 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2025-03-03 14:27:45,015 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:45,015 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:45,015 INFO L85 PathProgramCache]: Analyzing trace with hash 1720925463, now seen corresponding path program 1 times [2025-03-03 14:27:45,015 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:45,015 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1115652892] [2025-03-03 14:27:45,015 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:45,015 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:45,027 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 110 statements into 1 equivalence classes. [2025-03-03 14:27:45,032 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 110 of 110 statements. [2025-03-03 14:27:45,032 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:45,032 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:45,115 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2025-03-03 14:27:45,115 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:45,115 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1115652892] [2025-03-03 14:27:45,115 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1115652892] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:45,115 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:45,115 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2025-03-03 14:27:45,115 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1283549947] [2025-03-03 14:27:45,115 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:45,116 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2025-03-03 14:27:45,116 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:45,116 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2025-03-03 14:27:45,116 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:45,116 INFO L87 Difference]: Start difference. First operand 443 states and 698 transitions. Second operand has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:45,152 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:45,152 INFO L93 Difference]: Finished difference Result 865 states and 1367 transitions. [2025-03-03 14:27:45,152 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2025-03-03 14:27:45,153 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 110 [2025-03-03 14:27:45,153 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:45,155 INFO L225 Difference]: With dead ends: 865 [2025-03-03 14:27:45,155 INFO L226 Difference]: Without dead ends: 445 [2025-03-03 14:27:45,156 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2025-03-03 14:27:45,156 INFO L435 NwaCegarLoop]: 561 mSDtfsCounter, 1 mSDsluCounter, 1671 mSDsCounter, 0 mSdLazyCounter, 37 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2 SdHoareTripleChecker+Valid, 2232 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 37 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:45,157 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [2 Valid, 2232 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 37 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:45,157 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 445 states. [2025-03-03 14:27:45,166 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 445 to 445. [2025-03-03 14:27:45,167 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 445 states, 348 states have (on average 1.5747126436781609) internal successors, (548), 356 states have internal predecessors, (548), 71 states have call successors, (71), 21 states have call predecessors, (71), 25 states have return successors, (82), 69 states have call predecessors, (82), 70 states have call successors, (82) [2025-03-03 14:27:45,169 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 445 states to 445 states and 701 transitions. [2025-03-03 14:27:45,170 INFO L78 Accepts]: Start accepts. Automaton has 445 states and 701 transitions. Word has length 110 [2025-03-03 14:27:45,170 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:45,170 INFO L471 AbstractCegarLoop]: Abstraction has 445 states and 701 transitions. [2025-03-03 14:27:45,170 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 18.0) internal successors, (72), 5 states have internal predecessors, (72), 3 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2025-03-03 14:27:45,170 INFO L276 IsEmpty]: Start isEmpty. Operand 445 states and 701 transitions. [2025-03-03 14:27:45,171 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2025-03-03 14:27:45,171 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:45,172 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:45,172 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2025-03-03 14:27:45,172 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:45,172 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:45,172 INFO L85 PathProgramCache]: Analyzing trace with hash -288497318, now seen corresponding path program 1 times [2025-03-03 14:27:45,172 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:45,172 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1072595353] [2025-03-03 14:27:45,172 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:45,173 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:45,185 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:27:45,191 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:27:45,191 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:45,191 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:45,255 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:45,256 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:45,256 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1072595353] [2025-03-03 14:27:45,256 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1072595353] provided 0 perfect and 1 imperfect interpolant sequences [2025-03-03 14:27:45,256 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1554094750] [2025-03-03 14:27:45,256 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:45,256 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:45,256 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2025-03-03 14:27:45,258 INFO L229 MonitoredProcess]: Starting monitored process 7 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2025-03-03 14:27:45,259 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2025-03-03 14:27:45,381 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 111 statements into 1 equivalence classes. [2025-03-03 14:27:45,463 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 111 of 111 statements. [2025-03-03 14:27:45,463 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:45,463 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:45,467 INFO L256 TraceCheckSpWp]: Trace formula consists of 1022 conjuncts, 3 conjuncts are in the unsatisfiable core [2025-03-03 14:27:45,469 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2025-03-03 14:27:45,490 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:45,493 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2025-03-03 14:27:45,589 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:45,589 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1554094750] provided 0 perfect and 2 imperfect interpolant sequences [2025-03-03 14:27:45,589 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2025-03-03 14:27:45,589 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [4, 4, 4] total 7 [2025-03-03 14:27:45,590 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1109592458] [2025-03-03 14:27:45,590 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2025-03-03 14:27:45,590 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2025-03-03 14:27:45,590 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:45,590 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2025-03-03 14:27:45,590 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:27:45,591 INFO L87 Difference]: Start difference. First operand 445 states and 701 transitions. Second operand has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:27:45,728 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:45,728 INFO L93 Difference]: Finished difference Result 1060 states and 1726 transitions. [2025-03-03 14:27:45,728 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2025-03-03 14:27:45,728 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 111 [2025-03-03 14:27:45,729 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:45,734 INFO L225 Difference]: With dead ends: 1060 [2025-03-03 14:27:45,734 INFO L226 Difference]: Without dead ends: 882 [2025-03-03 14:27:45,735 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 224 GetRequests, 219 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=21, Unknown=0, NotChecked=0, Total=42 [2025-03-03 14:27:45,735 INFO L435 NwaCegarLoop]: 609 mSDtfsCounter, 490 mSDsluCounter, 2008 mSDsCounter, 0 mSdLazyCounter, 106 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 544 SdHoareTripleChecker+Valid, 2617 SdHoareTripleChecker+Invalid, 114 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 106 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:45,736 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [544 Valid, 2617 Invalid, 114 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 106 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2025-03-03 14:27:45,737 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 882 states. [2025-03-03 14:27:45,760 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 882 to 858. [2025-03-03 14:27:45,762 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 858 states, 682 states have (on average 1.6363636363636365) internal successors, (1116), 690 states have internal predecessors, (1116), 150 states have call successors, (150), 21 states have call predecessors, (150), 25 states have return successors, (171), 148 states have call predecessors, (171), 149 states have call successors, (171) [2025-03-03 14:27:45,766 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 858 states to 858 states and 1437 transitions. [2025-03-03 14:27:45,767 INFO L78 Accepts]: Start accepts. Automaton has 858 states and 1437 transitions. Word has length 111 [2025-03-03 14:27:45,767 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:45,767 INFO L471 AbstractCegarLoop]: Abstraction has 858 states and 1437 transitions. [2025-03-03 14:27:45,767 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 14.0) internal successors, (98), 7 states have internal predecessors, (98), 2 states have call successors, (21), 2 states have call predecessors, (21), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2025-03-03 14:27:45,768 INFO L276 IsEmpty]: Start isEmpty. Operand 858 states and 1437 transitions. [2025-03-03 14:27:45,771 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 118 [2025-03-03 14:27:45,771 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:45,772 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:45,780 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Ended with exit code 0 [2025-03-03 14:27:45,976 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,7 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2025-03-03 14:27:45,976 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:45,976 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:45,977 INFO L85 PathProgramCache]: Analyzing trace with hash -944789510, now seen corresponding path program 1 times [2025-03-03 14:27:45,977 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:45,977 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [763293516] [2025-03-03 14:27:45,977 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:45,977 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:45,990 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 117 statements into 1 equivalence classes. [2025-03-03 14:27:45,999 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 117 of 117 statements. [2025-03-03 14:27:45,999 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:45,999 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:46,028 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:46,028 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:46,028 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [763293516] [2025-03-03 14:27:46,028 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [763293516] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:46,028 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:46,028 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:46,028 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1669415593] [2025-03-03 14:27:46,028 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:46,029 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:46,029 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:46,029 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:46,029 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:46,029 INFO L87 Difference]: Start difference. First operand 858 states and 1437 transitions. Second operand has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:46,064 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:46,064 INFO L93 Difference]: Finished difference Result 2068 states and 3508 transitions. [2025-03-03 14:27:46,065 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:46,065 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 117 [2025-03-03 14:27:46,065 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:46,072 INFO L225 Difference]: With dead ends: 2068 [2025-03-03 14:27:46,072 INFO L226 Difference]: Without dead ends: 1276 [2025-03-03 14:27:46,074 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:46,075 INFO L435 NwaCegarLoop]: 588 mSDtfsCounter, 132 mSDsluCounter, 566 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 1154 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:46,075 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 1154 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:46,076 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1276 states. [2025-03-03 14:27:46,111 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1276 to 1268. [2025-03-03 14:27:46,112 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1268 states, 1013 states have (on average 1.6495557749259624) internal successors, (1671), 1021 states have internal predecessors, (1671), 229 states have call successors, (229), 21 states have call predecessors, (229), 25 states have return successors, (260), 227 states have call predecessors, (260), 228 states have call successors, (260) [2025-03-03 14:27:46,118 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1268 states to 1268 states and 2160 transitions. [2025-03-03 14:27:46,119 INFO L78 Accepts]: Start accepts. Automaton has 1268 states and 2160 transitions. Word has length 117 [2025-03-03 14:27:46,120 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:46,120 INFO L471 AbstractCegarLoop]: Abstraction has 1268 states and 2160 transitions. [2025-03-03 14:27:46,120 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 25.666666666666668) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:46,120 INFO L276 IsEmpty]: Start isEmpty. Operand 1268 states and 2160 transitions. [2025-03-03 14:27:46,125 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 119 [2025-03-03 14:27:46,125 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:46,125 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:46,125 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2025-03-03 14:27:46,125 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:46,126 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:46,126 INFO L85 PathProgramCache]: Analyzing trace with hash 720636587, now seen corresponding path program 1 times [2025-03-03 14:27:46,126 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:46,126 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1755998821] [2025-03-03 14:27:46,126 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:46,126 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:46,142 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 118 statements into 1 equivalence classes. [2025-03-03 14:27:46,149 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 118 of 118 statements. [2025-03-03 14:27:46,149 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:46,149 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:46,205 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:46,205 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:46,205 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1755998821] [2025-03-03 14:27:46,205 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1755998821] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:46,205 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:46,205 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:46,205 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [202596653] [2025-03-03 14:27:46,205 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:46,206 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:46,206 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:46,206 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:46,206 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:46,206 INFO L87 Difference]: Start difference. First operand 1268 states and 2160 transitions. Second operand has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:46,253 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:46,253 INFO L93 Difference]: Finished difference Result 3071 states and 5259 transitions. [2025-03-03 14:27:46,253 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:46,253 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 118 [2025-03-03 14:27:46,254 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:46,262 INFO L225 Difference]: With dead ends: 3071 [2025-03-03 14:27:46,263 INFO L226 Difference]: Without dead ends: 1920 [2025-03-03 14:27:46,266 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:46,267 INFO L435 NwaCegarLoop]: 568 mSDtfsCounter, 130 mSDsluCounter, 560 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 148 SdHoareTripleChecker+Valid, 1128 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:46,267 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [148 Valid, 1128 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:46,268 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1920 states. [2025-03-03 14:27:46,321 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1920 to 1912. [2025-03-03 14:27:46,324 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1912 states, 1538 states have (on average 1.6579973992197659) internal successors, (2550), 1546 states have internal predecessors, (2550), 348 states have call successors, (348), 21 states have call predecessors, (348), 25 states have return successors, (379), 346 states have call predecessors, (379), 347 states have call successors, (379) [2025-03-03 14:27:46,333 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1912 states to 1912 states and 3277 transitions. [2025-03-03 14:27:46,335 INFO L78 Accepts]: Start accepts. Automaton has 1912 states and 3277 transitions. Word has length 118 [2025-03-03 14:27:46,335 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:46,335 INFO L471 AbstractCegarLoop]: Abstraction has 1912 states and 3277 transitions. [2025-03-03 14:27:46,335 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.0) internal successors, (78), 3 states have internal predecessors, (78), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:46,335 INFO L276 IsEmpty]: Start isEmpty. Operand 1912 states and 3277 transitions. [2025-03-03 14:27:46,343 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 120 [2025-03-03 14:27:46,343 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:46,343 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:46,343 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2025-03-03 14:27:46,344 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:46,344 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:46,344 INFO L85 PathProgramCache]: Analyzing trace with hash -175421863, now seen corresponding path program 1 times [2025-03-03 14:27:46,344 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:46,344 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [642404506] [2025-03-03 14:27:46,344 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:46,344 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:46,357 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 119 statements into 1 equivalence classes. [2025-03-03 14:27:46,363 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 119 of 119 statements. [2025-03-03 14:27:46,363 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:46,363 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:46,396 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:46,396 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:46,396 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [642404506] [2025-03-03 14:27:46,396 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [642404506] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:46,396 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:46,396 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:46,396 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1806370674] [2025-03-03 14:27:46,396 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:46,396 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:46,396 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:46,397 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:46,397 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:46,397 INFO L87 Difference]: Start difference. First operand 1912 states and 3277 transitions. Second operand has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:46,492 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:46,493 INFO L93 Difference]: Finished difference Result 4583 states and 7909 transitions. [2025-03-03 14:27:46,493 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:46,493 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 119 [2025-03-03 14:27:46,493 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:46,508 INFO L225 Difference]: With dead ends: 4583 [2025-03-03 14:27:46,508 INFO L226 Difference]: Without dead ends: 2910 [2025-03-03 14:27:46,514 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:46,514 INFO L435 NwaCegarLoop]: 566 mSDtfsCounter, 128 mSDsluCounter, 557 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 1123 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:46,515 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 1123 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:46,517 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2910 states. [2025-03-03 14:27:46,624 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2910 to 2902. [2025-03-03 14:27:46,629 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2902 states, 2366 states have (on average 1.664835164835165) internal successors, (3939), 2374 states have internal predecessors, (3939), 510 states have call successors, (510), 21 states have call predecessors, (510), 25 states have return successors, (557), 508 states have call predecessors, (557), 509 states have call successors, (557) [2025-03-03 14:27:46,645 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2902 states to 2902 states and 5006 transitions. [2025-03-03 14:27:46,647 INFO L78 Accepts]: Start accepts. Automaton has 2902 states and 5006 transitions. Word has length 119 [2025-03-03 14:27:46,647 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:46,647 INFO L471 AbstractCegarLoop]: Abstraction has 2902 states and 5006 transitions. [2025-03-03 14:27:46,647 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:46,647 INFO L276 IsEmpty]: Start isEmpty. Operand 2902 states and 5006 transitions. [2025-03-03 14:27:46,659 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 121 [2025-03-03 14:27:46,659 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:46,659 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:46,659 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2025-03-03 14:27:46,659 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:46,660 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:46,660 INFO L85 PathProgramCache]: Analyzing trace with hash -1312297492, now seen corresponding path program 1 times [2025-03-03 14:27:46,660 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:46,660 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [394736535] [2025-03-03 14:27:46,660 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:46,660 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:46,674 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 120 statements into 1 equivalence classes. [2025-03-03 14:27:46,679 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 120 of 120 statements. [2025-03-03 14:27:46,679 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:46,679 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:46,708 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:46,708 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:46,708 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [394736535] [2025-03-03 14:27:46,708 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [394736535] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:46,708 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:46,708 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:46,708 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1798847626] [2025-03-03 14:27:46,708 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:46,709 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:46,709 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:46,709 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:46,709 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:46,709 INFO L87 Difference]: Start difference. First operand 2902 states and 5006 transitions. Second operand has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:46,832 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:46,833 INFO L93 Difference]: Finished difference Result 6976 states and 12110 transitions. [2025-03-03 14:27:46,833 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:46,833 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 120 [2025-03-03 14:27:46,833 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:46,855 INFO L225 Difference]: With dead ends: 6976 [2025-03-03 14:27:46,855 INFO L226 Difference]: Without dead ends: 4513 [2025-03-03 14:27:46,863 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:46,863 INFO L435 NwaCegarLoop]: 566 mSDtfsCounter, 126 mSDsluCounter, 557 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 1123 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:46,863 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 1123 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:46,866 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4513 states. [2025-03-03 14:27:47,011 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4513 to 4505. [2025-03-03 14:27:47,019 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4505 states, 3724 states have (on average 1.6697099892588614) internal successors, (6218), 3732 states have internal predecessors, (6218), 755 states have call successors, (755), 21 states have call predecessors, (755), 25 states have return successors, (828), 753 states have call predecessors, (828), 754 states have call successors, (828) [2025-03-03 14:27:47,040 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4505 states to 4505 states and 7801 transitions. [2025-03-03 14:27:47,043 INFO L78 Accepts]: Start accepts. Automaton has 4505 states and 7801 transitions. Word has length 120 [2025-03-03 14:27:47,043 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:47,043 INFO L471 AbstractCegarLoop]: Abstraction has 4505 states and 7801 transitions. [2025-03-03 14:27:47,043 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.666666666666668) internal successors, (80), 3 states have internal predecessors, (80), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:47,043 INFO L276 IsEmpty]: Start isEmpty. Operand 4505 states and 7801 transitions. [2025-03-03 14:27:47,058 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2025-03-03 14:27:47,058 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:47,058 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:47,058 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2025-03-03 14:27:47,058 INFO L396 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:47,059 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:47,059 INFO L85 PathProgramCache]: Analyzing trace with hash 1426247128, now seen corresponding path program 1 times [2025-03-03 14:27:47,059 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:47,059 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1495376373] [2025-03-03 14:27:47,059 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:47,059 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:47,074 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 121 statements into 1 equivalence classes. [2025-03-03 14:27:47,081 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 121 of 121 statements. [2025-03-03 14:27:47,081 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:47,081 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:47,108 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:47,109 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:47,109 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1495376373] [2025-03-03 14:27:47,109 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1495376373] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:47,109 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:47,109 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:47,109 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [177058575] [2025-03-03 14:27:47,109 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:47,109 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:47,109 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:47,110 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:47,110 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:47,110 INFO L87 Difference]: Start difference. First operand 4505 states and 7801 transitions. Second operand has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:47,293 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:47,294 INFO L93 Difference]: Finished difference Result 10966 states and 19114 transitions. [2025-03-03 14:27:47,294 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:47,294 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 121 [2025-03-03 14:27:47,294 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:47,333 INFO L225 Difference]: With dead ends: 10966 [2025-03-03 14:27:47,334 INFO L226 Difference]: Without dead ends: 7207 [2025-03-03 14:27:47,350 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:47,350 INFO L435 NwaCegarLoop]: 579 mSDtfsCounter, 124 mSDsluCounter, 557 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 1136 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:47,350 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 1136 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:47,356 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 7207 states. [2025-03-03 14:27:47,624 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 7207 to 7199. [2025-03-03 14:27:47,637 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7199 states, 5925 states have (on average 1.6681856540084388) internal successors, (9884), 5933 states have internal predecessors, (9884), 1248 states have call successors, (1248), 21 states have call predecessors, (1248), 25 states have return successors, (1365), 1246 states have call predecessors, (1365), 1247 states have call successors, (1365) [2025-03-03 14:27:47,669 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7199 states to 7199 states and 12497 transitions. [2025-03-03 14:27:47,673 INFO L78 Accepts]: Start accepts. Automaton has 7199 states and 12497 transitions. Word has length 121 [2025-03-03 14:27:47,673 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:47,673 INFO L471 AbstractCegarLoop]: Abstraction has 7199 states and 12497 transitions. [2025-03-03 14:27:47,673 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:47,673 INFO L276 IsEmpty]: Start isEmpty. Operand 7199 states and 12497 transitions. [2025-03-03 14:27:47,694 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 123 [2025-03-03 14:27:47,694 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:47,694 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:47,694 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2025-03-03 14:27:47,695 INFO L396 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:47,695 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:47,695 INFO L85 PathProgramCache]: Analyzing trace with hash 91969325, now seen corresponding path program 1 times [2025-03-03 14:27:47,695 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:47,695 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [916894741] [2025-03-03 14:27:47,695 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:47,695 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:47,708 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 122 statements into 1 equivalence classes. [2025-03-03 14:27:47,714 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 122 of 122 statements. [2025-03-03 14:27:47,714 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:47,714 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:47,765 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:47,765 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:47,765 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [916894741] [2025-03-03 14:27:47,765 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [916894741] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:47,765 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:47,766 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:47,766 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1826629699] [2025-03-03 14:27:47,766 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:47,766 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:47,766 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:47,766 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:47,766 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:47,766 INFO L87 Difference]: Start difference. First operand 7199 states and 12497 transitions. Second operand has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:48,104 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:48,104 INFO L93 Difference]: Finished difference Result 18196 states and 31782 transitions. [2025-03-03 14:27:48,105 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:48,105 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 122 [2025-03-03 14:27:48,105 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:48,158 INFO L225 Difference]: With dead ends: 18196 [2025-03-03 14:27:48,158 INFO L226 Difference]: Without dead ends: 12114 [2025-03-03 14:27:48,188 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:48,189 INFO L435 NwaCegarLoop]: 573 mSDtfsCounter, 122 mSDsluCounter, 561 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 1134 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:48,189 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 1134 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:48,200 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 12114 states. [2025-03-03 14:27:48,656 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 12114 to 12106. [2025-03-03 14:27:48,680 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 12106 states, 10010 states have (on average 1.6685314685314685) internal successors, (16702), 10018 states have internal predecessors, (16702), 2070 states have call successors, (2070), 21 states have call predecessors, (2070), 25 states have return successors, (2265), 2068 states have call predecessors, (2265), 2069 states have call successors, (2265) [2025-03-03 14:27:48,730 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 12106 states to 12106 states and 21037 transitions. [2025-03-03 14:27:48,739 INFO L78 Accepts]: Start accepts. Automaton has 12106 states and 21037 transitions. Word has length 122 [2025-03-03 14:27:48,739 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:48,739 INFO L471 AbstractCegarLoop]: Abstraction has 12106 states and 21037 transitions. [2025-03-03 14:27:48,740 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.333333333333332) internal successors, (82), 3 states have internal predecessors, (82), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:48,740 INFO L276 IsEmpty]: Start isEmpty. Operand 12106 states and 21037 transitions. [2025-03-03 14:27:48,764 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2025-03-03 14:27:48,764 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:48,764 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:48,764 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2025-03-03 14:27:48,764 INFO L396 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:48,765 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:48,765 INFO L85 PathProgramCache]: Analyzing trace with hash -908132489, now seen corresponding path program 1 times [2025-03-03 14:27:48,765 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:48,765 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [926700636] [2025-03-03 14:27:48,765 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:48,765 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:48,776 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 123 statements into 1 equivalence classes. [2025-03-03 14:27:48,782 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 123 of 123 statements. [2025-03-03 14:27:48,782 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:48,782 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:48,812 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:48,812 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:48,812 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [926700636] [2025-03-03 14:27:48,812 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [926700636] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:48,812 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:48,812 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:48,812 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [394001946] [2025-03-03 14:27:48,812 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:48,813 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:48,813 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:48,814 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:48,814 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:48,814 INFO L87 Difference]: Start difference. First operand 12106 states and 21037 transitions. Second operand has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:49,202 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:49,202 INFO L93 Difference]: Finished difference Result 28952 states and 50264 transitions. [2025-03-03 14:27:49,202 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:49,202 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 123 [2025-03-03 14:27:49,203 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:49,276 INFO L225 Difference]: With dead ends: 28952 [2025-03-03 14:27:49,276 INFO L226 Difference]: Without dead ends: 18930 [2025-03-03 14:27:49,315 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:49,316 INFO L435 NwaCegarLoop]: 575 mSDtfsCounter, 120 mSDsluCounter, 533 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 138 SdHoareTripleChecker+Valid, 1108 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:49,316 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [138 Valid, 1108 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:49,334 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 18930 states. [2025-03-03 14:27:50,002 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 18930 to 18922. [2025-03-03 14:27:50,034 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 18922 states, 15623 states have (on average 1.645458618703194) internal successors, (25707), 15631 states have internal predecessors, (25707), 3273 states have call successors, (3273), 21 states have call predecessors, (3273), 25 states have return successors, (3612), 3271 states have call predecessors, (3612), 3272 states have call successors, (3612) [2025-03-03 14:27:50,113 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 18922 states to 18922 states and 32592 transitions. [2025-03-03 14:27:50,121 INFO L78 Accepts]: Start accepts. Automaton has 18922 states and 32592 transitions. Word has length 123 [2025-03-03 14:27:50,122 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:50,122 INFO L471 AbstractCegarLoop]: Abstraction has 18922 states and 32592 transitions. [2025-03-03 14:27:50,122 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.666666666666668) internal successors, (83), 3 states have internal predecessors, (83), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:50,122 INFO L276 IsEmpty]: Start isEmpty. Operand 18922 states and 32592 transitions. [2025-03-03 14:27:50,149 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 125 [2025-03-03 14:27:50,150 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:50,150 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:50,150 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2025-03-03 14:27:50,150 INFO L396 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:50,150 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:50,150 INFO L85 PathProgramCache]: Analyzing trace with hash -1476973586, now seen corresponding path program 1 times [2025-03-03 14:27:50,151 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:50,151 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [152459567] [2025-03-03 14:27:50,151 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:50,151 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:50,167 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 124 statements into 1 equivalence classes. [2025-03-03 14:27:50,175 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 124 of 124 statements. [2025-03-03 14:27:50,175 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:50,175 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:50,211 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:50,211 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:50,211 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [152459567] [2025-03-03 14:27:50,211 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [152459567] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:50,211 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:50,211 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:50,211 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1644105662] [2025-03-03 14:27:50,211 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:50,211 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:50,211 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:50,212 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:50,212 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:50,212 INFO L87 Difference]: Start difference. First operand 18922 states and 32592 transitions. Second operand has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:51,040 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:51,040 INFO L93 Difference]: Finished difference Result 49989 states and 86449 transitions. [2025-03-03 14:27:51,040 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:51,040 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 124 [2025-03-03 14:27:51,040 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:51,172 INFO L225 Difference]: With dead ends: 49989 [2025-03-03 14:27:51,172 INFO L226 Difference]: Without dead ends: 33785 [2025-03-03 14:27:51,222 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:51,223 INFO L435 NwaCegarLoop]: 566 mSDtfsCounter, 118 mSDsluCounter, 560 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 1126 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:51,223 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 1126 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:51,252 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 33785 states. [2025-03-03 14:27:52,187 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 33785 to 33777. [2025-03-03 14:27:52,245 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 33777 states, 28028 states have (on average 1.6427857856429284) internal successors, (46044), 28036 states have internal predecessors, (46044), 5723 states have call successors, (5723), 21 states have call predecessors, (5723), 25 states have return successors, (6336), 5721 states have call predecessors, (6336), 5722 states have call successors, (6336) [2025-03-03 14:27:52,364 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 33777 states to 33777 states and 58103 transitions. [2025-03-03 14:27:52,380 INFO L78 Accepts]: Start accepts. Automaton has 33777 states and 58103 transitions. Word has length 124 [2025-03-03 14:27:52,381 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:52,381 INFO L471 AbstractCegarLoop]: Abstraction has 33777 states and 58103 transitions. [2025-03-03 14:27:52,381 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:52,381 INFO L276 IsEmpty]: Start isEmpty. Operand 33777 states and 58103 transitions. [2025-03-03 14:27:52,413 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 126 [2025-03-03 14:27:52,413 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:52,414 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:52,414 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable17 [2025-03-03 14:27:52,414 INFO L396 AbstractCegarLoop]: === Iteration 19 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:52,414 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:52,414 INFO L85 PathProgramCache]: Analyzing trace with hash 1409466422, now seen corresponding path program 1 times [2025-03-03 14:27:52,415 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:52,415 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [9649538] [2025-03-03 14:27:52,415 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:52,415 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:52,431 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 125 statements into 1 equivalence classes. [2025-03-03 14:27:52,439 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 125 of 125 statements. [2025-03-03 14:27:52,439 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:52,439 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:52,467 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:52,467 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:52,467 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [9649538] [2025-03-03 14:27:52,467 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [9649538] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:52,467 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:52,467 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:52,467 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [569681108] [2025-03-03 14:27:52,467 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:52,468 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:52,468 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:52,468 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:52,468 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:52,469 INFO L87 Difference]: Start difference. First operand 33777 states and 58103 transitions. Second operand has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:53,848 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:53,849 INFO L93 Difference]: Finished difference Result 92081 states and 158931 transitions. [2025-03-03 14:27:53,849 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:53,849 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 125 [2025-03-03 14:27:53,849 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:54,145 INFO L225 Difference]: With dead ends: 92081 [2025-03-03 14:27:54,145 INFO L226 Difference]: Without dead ends: 61929 [2025-03-03 14:27:54,246 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:54,246 INFO L435 NwaCegarLoop]: 573 mSDtfsCounter, 116 mSDsluCounter, 561 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 1134 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:54,247 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 1134 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:54,294 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 61929 states. [2025-03-03 14:27:56,192 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 61929 to 61921. [2025-03-03 14:27:56,273 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 61921 states, 51659 states have (on average 1.639056118004607) internal successors, (84672), 51667 states have internal predecessors, (84672), 10236 states have call successors, (10236), 21 states have call predecessors, (10236), 25 states have return successors, (11381), 10234 states have call predecessors, (11381), 10235 states have call successors, (11381) [2025-03-03 14:27:56,442 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61921 states to 61921 states and 106289 transitions. [2025-03-03 14:27:56,471 INFO L78 Accepts]: Start accepts. Automaton has 61921 states and 106289 transitions. Word has length 125 [2025-03-03 14:27:56,472 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:27:56,472 INFO L471 AbstractCegarLoop]: Abstraction has 61921 states and 106289 transitions. [2025-03-03 14:27:56,472 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:56,472 INFO L276 IsEmpty]: Start isEmpty. Operand 61921 states and 106289 transitions. [2025-03-03 14:27:56,502 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 127 [2025-03-03 14:27:56,502 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:27:56,502 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:27:56,502 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable18 [2025-03-03 14:27:56,502 INFO L396 AbstractCegarLoop]: === Iteration 20 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:27:56,502 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:27:56,502 INFO L85 PathProgramCache]: Analyzing trace with hash -1515632305, now seen corresponding path program 1 times [2025-03-03 14:27:56,503 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:27:56,503 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [170736348] [2025-03-03 14:27:56,503 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:27:56,503 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:27:56,516 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 126 statements into 1 equivalence classes. [2025-03-03 14:27:56,525 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 126 of 126 statements. [2025-03-03 14:27:56,525 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:27:56,525 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:27:56,556 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:27:56,557 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:27:56,557 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [170736348] [2025-03-03 14:27:56,557 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [170736348] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:27:56,557 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:27:56,557 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2025-03-03 14:27:56,558 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [237615315] [2025-03-03 14:27:56,558 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:27:56,558 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2025-03-03 14:27:56,558 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:27:56,559 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2025-03-03 14:27:56,559 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:56,559 INFO L87 Difference]: Start difference. First operand 61921 states and 106289 transitions. Second operand has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:27:58,886 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:27:58,887 INFO L93 Difference]: Finished difference Result 115947 states and 199486 transitions. [2025-03-03 14:27:58,888 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2025-03-03 14:27:58,888 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 126 [2025-03-03 14:27:58,889 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:27:59,327 INFO L225 Difference]: With dead ends: 115947 [2025-03-03 14:27:59,327 INFO L226 Difference]: Without dead ends: 115769 [2025-03-03 14:27:59,380 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2025-03-03 14:27:59,382 INFO L435 NwaCegarLoop]: 575 mSDtfsCounter, 111 mSDsluCounter, 565 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 1140 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2025-03-03 14:27:59,382 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 1140 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2025-03-03 14:27:59,468 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 115769 states. [2025-03-03 14:28:02,185 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 115769 to 115761. [2025-03-03 14:28:02,302 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 115761 states, 97131 states have (on average 1.6341847607869784) internal successors, (158730), 97139 states have internal predecessors, (158730), 18604 states have call successors, (18604), 21 states have call predecessors, (18604), 25 states have return successors, (20795), 18602 states have call predecessors, (20795), 18603 states have call successors, (20795) [2025-03-03 14:28:03,050 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 115761 states to 115761 states and 198129 transitions. [2025-03-03 14:28:03,095 INFO L78 Accepts]: Start accepts. Automaton has 115761 states and 198129 transitions. Word has length 126 [2025-03-03 14:28:03,096 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:03,096 INFO L471 AbstractCegarLoop]: Abstraction has 115761 states and 198129 transitions. [2025-03-03 14:28:03,096 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.666666666666668) internal successors, (86), 3 states have internal predecessors, (86), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2025-03-03 14:28:03,096 INFO L276 IsEmpty]: Start isEmpty. Operand 115761 states and 198129 transitions. [2025-03-03 14:28:03,132 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 128 [2025-03-03 14:28:03,136 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:03,137 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:03,137 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable19 [2025-03-03 14:28:03,137 INFO L396 AbstractCegarLoop]: === Iteration 21 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:03,137 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:03,137 INFO L85 PathProgramCache]: Analyzing trace with hash 1736931509, now seen corresponding path program 1 times [2025-03-03 14:28:03,137 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:03,137 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1843224453] [2025-03-03 14:28:03,137 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:03,138 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:03,157 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 127 statements into 1 equivalence classes. [2025-03-03 14:28:03,168 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 127 of 127 statements. [2025-03-03 14:28:03,169 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:03,170 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:03,412 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:28:03,412 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:03,412 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1843224453] [2025-03-03 14:28:03,413 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1843224453] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:03,413 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:03,413 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12] imperfect sequences [] total 12 [2025-03-03 14:28:03,413 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2060107969] [2025-03-03 14:28:03,413 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:03,413 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2025-03-03 14:28:03,413 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:03,414 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2025-03-03 14:28:03,414 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=111, Unknown=0, NotChecked=0, Total=132 [2025-03-03 14:28:03,415 INFO L87 Difference]: Start difference. First operand 115761 states and 198129 transitions. Second operand has 12 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 5 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (12), 6 states have call predecessors, (12), 5 states have call successors, (12) [2025-03-03 14:28:08,415 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2025-03-03 14:28:08,415 INFO L93 Difference]: Finished difference Result 230644 states and 400236 transitions. [2025-03-03 14:28:08,415 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2025-03-03 14:28:08,416 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 5 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (12), 6 states have call predecessors, (12), 5 states have call successors, (12) Word has length 127 [2025-03-03 14:28:08,416 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2025-03-03 14:28:09,633 INFO L225 Difference]: With dead ends: 230644 [2025-03-03 14:28:09,633 INFO L226 Difference]: Without dead ends: 230472 [2025-03-03 14:28:09,772 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 69 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=125, Invalid=525, Unknown=0, NotChecked=0, Total=650 [2025-03-03 14:28:09,772 INFO L435 NwaCegarLoop]: 690 mSDtfsCounter, 1415 mSDsluCounter, 5825 mSDsCounter, 0 mSdLazyCounter, 1111 mSolverCounterSat, 394 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1415 SdHoareTripleChecker+Valid, 6515 SdHoareTripleChecker+Invalid, 1505 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 394 IncrementalHoareTripleChecker+Valid, 1111 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2025-03-03 14:28:09,773 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [1415 Valid, 6515 Invalid, 1505 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [394 Valid, 1111 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2025-03-03 14:28:09,969 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 230472 states. [2025-03-03 14:28:17,075 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 230472 to 230437. [2025-03-03 14:28:17,305 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 230437 states, 193419 states have (on average 1.634792859026259) internal successors, (316200), 193324 states have internal predecessors, (316200), 36957 states have call successors, (36957), 54 states have call predecessors, (36957), 60 states have return successors, (44619), 37064 states have call predecessors, (44619), 36954 states have call successors, (44619) [2025-03-03 14:28:18,368 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 230437 states to 230437 states and 397776 transitions. [2025-03-03 14:28:18,432 INFO L78 Accepts]: Start accepts. Automaton has 230437 states and 397776 transitions. Word has length 127 [2025-03-03 14:28:18,432 INFO L84 Accepts]: Finished accepts. word is rejected. [2025-03-03 14:28:18,432 INFO L471 AbstractCegarLoop]: Abstraction has 230437 states and 397776 transitions. [2025-03-03 14:28:18,432 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 5 states have call successors, (15), 3 states have call predecessors, (15), 3 states have return successors, (12), 6 states have call predecessors, (12), 5 states have call successors, (12) [2025-03-03 14:28:18,432 INFO L276 IsEmpty]: Start isEmpty. Operand 230437 states and 397776 transitions. [2025-03-03 14:28:18,499 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 129 [2025-03-03 14:28:18,499 INFO L210 NwaCegarLoop]: Found error trace [2025-03-03 14:28:18,499 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2025-03-03 14:28:18,499 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable20 [2025-03-03 14:28:18,500 INFO L396 AbstractCegarLoop]: === Iteration 22 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2025-03-03 14:28:18,500 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2025-03-03 14:28:18,500 INFO L85 PathProgramCache]: Analyzing trace with hash 309345841, now seen corresponding path program 1 times [2025-03-03 14:28:18,500 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2025-03-03 14:28:18,500 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [415376989] [2025-03-03 14:28:18,500 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2025-03-03 14:28:18,500 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2025-03-03 14:28:18,514 INFO L108 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY partitioned 128 statements into 1 equivalence classes. [2025-03-03 14:28:18,524 INFO L111 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) and asserted 128 of 128 statements. [2025-03-03 14:28:18,525 INFO L114 AnnotateAndAsserter]: Assert order NOT_INCREMENTALLY issued 1 check-sat command(s) [2025-03-03 14:28:18,525 INFO L115 AnnotateAndAsserter]: Conjunction of SSA is unsat [2025-03-03 14:28:18,584 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2025-03-03 14:28:18,584 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2025-03-03 14:28:18,584 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [415376989] [2025-03-03 14:28:18,585 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [415376989] provided 1 perfect and 0 imperfect interpolant sequences [2025-03-03 14:28:18,585 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2025-03-03 14:28:18,585 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2025-03-03 14:28:18,585 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2002959081] [2025-03-03 14:28:18,585 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2025-03-03 14:28:18,585 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2025-03-03 14:28:18,585 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2025-03-03 14:28:18,586 INFO L144 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2025-03-03 14:28:18,586 INFO L146 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2025-03-03 14:28:18,586 INFO L87 Difference]: Start difference. First operand 230437 states and 397776 transitions. Second operand has 4 states, 4 states have (on average 22.0) internal successors, (88), 4 states have internal predecessors, (88), 2 states have call successors, (15), 2 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12)