./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/email_spec9_product14.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 0e0057cc Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/email_spec9_product14.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash b949d09d593112e13964b4b5b0eef0c6cd05359df7437e0305220f7a663828f7 --- Real Ultimate output --- This is Ultimate 0.2.4-dev-0e0057c [2023-11-26 10:46:26,014 INFO L188 SettingsManager]: Resetting all preferences to default values... [2023-11-26 10:46:26,125 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/config/svcomp-Reach-32bit-Automizer_Default.epf [2023-11-26 10:46:26,131 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2023-11-26 10:46:26,132 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2023-11-26 10:46:26,161 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2023-11-26 10:46:26,162 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2023-11-26 10:46:26,163 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2023-11-26 10:46:26,163 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2023-11-26 10:46:26,164 INFO L153 SettingsManager]: * Use memory slicer=true [2023-11-26 10:46:26,165 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2023-11-26 10:46:26,165 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2023-11-26 10:46:26,166 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2023-11-26 10:46:26,167 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2023-11-26 10:46:26,168 INFO L153 SettingsManager]: * Use SBE=true [2023-11-26 10:46:26,168 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2023-11-26 10:46:26,169 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2023-11-26 10:46:26,170 INFO L153 SettingsManager]: * sizeof long=4 [2023-11-26 10:46:26,170 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2023-11-26 10:46:26,171 INFO L153 SettingsManager]: * sizeof POINTER=4 [2023-11-26 10:46:26,172 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2023-11-26 10:46:26,173 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2023-11-26 10:46:26,173 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2023-11-26 10:46:26,174 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2023-11-26 10:46:26,174 INFO L153 SettingsManager]: * sizeof long double=12 [2023-11-26 10:46:26,175 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2023-11-26 10:46:26,176 INFO L153 SettingsManager]: * Use constant arrays=true [2023-11-26 10:46:26,176 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2023-11-26 10:46:26,177 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2023-11-26 10:46:26,177 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2023-11-26 10:46:26,178 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2023-11-26 10:46:26,178 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2023-11-26 10:46:26,179 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2023-11-26 10:46:26,179 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2023-11-26 10:46:26,180 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2023-11-26 10:46:26,180 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2023-11-26 10:46:26,181 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2023-11-26 10:46:26,181 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2023-11-26 10:46:26,182 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2023-11-26 10:46:26,182 INFO L153 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2023-11-26 10:46:26,183 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2023-11-26 10:46:26,183 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2023-11-26 10:46:26,184 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> b949d09d593112e13964b4b5b0eef0c6cd05359df7437e0305220f7a663828f7 [2023-11-26 10:46:26,476 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2023-11-26 10:46:26,517 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2023-11-26 10:46:26,521 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2023-11-26 10:46:26,523 INFO L270 PluginConnector]: Initializing CDTParser... [2023-11-26 10:46:26,524 INFO L274 PluginConnector]: CDTParser initialized [2023-11-26 10:46:26,525 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/../../sv-benchmarks/c/product-lines/email_spec9_product14.cil.c [2023-11-26 10:46:29,727 INFO L533 CDTParser]: Created temporary CDT project at NULL [2023-11-26 10:46:30,081 INFO L384 CDTParser]: Found 1 translation units. [2023-11-26 10:46:30,082 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/sv-benchmarks/c/product-lines/email_spec9_product14.cil.c [2023-11-26 10:46:30,104 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/data/dd004e643/eafe1fc25ac840f1b2111e716989cecb/FLAGd9d1b3fe5 [2023-11-26 10:46:30,118 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/data/dd004e643/eafe1fc25ac840f1b2111e716989cecb [2023-11-26 10:46:30,120 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2023-11-26 10:46:30,122 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2023-11-26 10:46:30,123 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2023-11-26 10:46:30,124 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2023-11-26 10:46:30,129 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2023-11-26 10:46:30,129 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:30,131 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2da6cfa0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30, skipping insertion in model container [2023-11-26 10:46:30,131 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:30,207 INFO L177 MainTranslator]: Built tables and reachable declarations [2023-11-26 10:46:30,474 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/sv-benchmarks/c/product-lines/email_spec9_product14.cil.c[8145,8158] [2023-11-26 10:46:30,792 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-26 10:46:30,816 INFO L202 MainTranslator]: Completed pre-run [2023-11-26 10:46:30,826 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [48] [2023-11-26 10:46:30,828 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EncryptForward_spec.i","") [368] [2023-11-26 10:46:30,828 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [412] [2023-11-26 10:46:30,828 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Client.i","") [421] [2023-11-26 10:46:30,828 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [707] [2023-11-26 10:46:30,829 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [742] [2023-11-26 10:46:30,829 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Util.i","") [958] [2023-11-26 10:46:30,829 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [975] [2023-11-26 10:46:30,829 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Email.i","") [1341] [2023-11-26 10:46:30,829 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"ClientLib.i","") [1447] [2023-11-26 10:46:30,830 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"EmailLib.i","") [2511] [2023-11-26 10:46:30,845 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/sv-benchmarks/c/product-lines/email_spec9_product14.cil.c[8145,8158] [2023-11-26 10:46:30,914 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-26 10:46:30,945 WARN L675 CHandler]: The function puts is called, but not defined or handled by StandardFunctionHandler. [2023-11-26 10:46:30,951 INFO L206 MainTranslator]: Completed translation [2023-11-26 10:46:30,952 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30 WrapperNode [2023-11-26 10:46:30,953 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2023-11-26 10:46:30,954 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2023-11-26 10:46:30,954 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2023-11-26 10:46:30,954 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2023-11-26 10:46:30,965 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:30,998 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:31,061 INFO L138 Inliner]: procedures = 126, calls = 210, calls flagged for inlining = 51, calls inlined = 43, statements flattened = 932 [2023-11-26 10:46:31,062 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2023-11-26 10:46:31,063 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2023-11-26 10:46:31,063 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2023-11-26 10:46:31,063 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2023-11-26 10:46:31,075 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:31,076 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:31,083 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:31,136 INFO L175 MemorySlicer]: Split 14 memory accesses to 4 slices as follows [2, 4, 4, 4]. 29 percent of accesses are in the largest equivalence class. The 14 initializations are split as follows [2, 4, 4, 4]. The 0 writes are split as follows [0, 0, 0, 0]. [2023-11-26 10:46:31,137 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:31,137 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:31,184 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:31,194 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:31,215 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:31,220 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:31,238 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2023-11-26 10:46:31,239 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2023-11-26 10:46:31,239 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2023-11-26 10:46:31,239 INFO L274 PluginConnector]: RCFGBuilder initialized [2023-11-26 10:46:31,240 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (1/1) ... [2023-11-26 10:46:31,255 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2023-11-26 10:46:31,268 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 [2023-11-26 10:46:31,285 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2023-11-26 10:46:31,318 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2023-11-26 10:46:31,329 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookSize [2023-11-26 10:46:31,329 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookSize [2023-11-26 10:46:31,329 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailEncryptionKey [2023-11-26 10:46:31,330 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailEncryptionKey [2023-11-26 10:46:31,330 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookAddress [2023-11-26 10:46:31,330 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookAddress [2023-11-26 10:46:31,331 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailEncryptionKey [2023-11-26 10:46:31,331 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailEncryptionKey [2023-11-26 10:46:31,332 INFO L130 BoogieDeclarations]: Found specification of procedure getEmailTo [2023-11-26 10:46:31,332 INFO L138 BoogieDeclarations]: Found implementation of procedure getEmailTo [2023-11-26 10:46:31,332 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailFrom [2023-11-26 10:46:31,333 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailFrom [2023-11-26 10:46:31,333 INFO L130 BoogieDeclarations]: Found specification of procedure createClientKeyringEntry [2023-11-26 10:46:31,334 INFO L138 BoogieDeclarations]: Found implementation of procedure createClientKeyringEntry [2023-11-26 10:46:31,334 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailIsEncrypted [2023-11-26 10:46:31,335 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailIsEncrypted [2023-11-26 10:46:31,335 INFO L130 BoogieDeclarations]: Found specification of procedure chuckKeyAdd [2023-11-26 10:46:31,337 INFO L138 BoogieDeclarations]: Found implementation of procedure chuckKeyAdd [2023-11-26 10:46:31,338 INFO L130 BoogieDeclarations]: Found specification of procedure puts [2023-11-26 10:46:31,338 INFO L130 BoogieDeclarations]: Found specification of procedure setClientId [2023-11-26 10:46:31,338 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientId [2023-11-26 10:46:31,338 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2023-11-26 10:46:31,339 INFO L130 BoogieDeclarations]: Found specification of procedure setClientAddressBookSize [2023-11-26 10:46:31,339 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientAddressBookSize [2023-11-26 10:46:31,339 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringUser [2023-11-26 10:46:31,340 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringUser [2023-11-26 10:46:31,340 INFO L130 BoogieDeclarations]: Found specification of procedure setClientKeyringPublicKey [2023-11-26 10:46:31,340 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientKeyringPublicKey [2023-11-26 10:46:31,340 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing [2023-11-26 10:46:31,340 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing [2023-11-26 10:46:31,340 INFO L130 BoogieDeclarations]: Found specification of procedure outgoing__wrappee__Encrypt [2023-11-26 10:46:31,341 INFO L138 BoogieDeclarations]: Found implementation of procedure outgoing__wrappee__Encrypt [2023-11-26 10:46:31,341 INFO L130 BoogieDeclarations]: Found specification of procedure sendEmail [2023-11-26 10:46:31,341 INFO L138 BoogieDeclarations]: Found implementation of procedure sendEmail [2023-11-26 10:46:31,341 INFO L130 BoogieDeclarations]: Found specification of procedure isEncrypted [2023-11-26 10:46:31,341 INFO L138 BoogieDeclarations]: Found implementation of procedure isEncrypted [2023-11-26 10:46:31,341 INFO L130 BoogieDeclarations]: Found specification of procedure setClientPrivateKey [2023-11-26 10:46:31,342 INFO L138 BoogieDeclarations]: Found implementation of procedure setClientPrivateKey [2023-11-26 10:46:31,342 INFO L130 BoogieDeclarations]: Found specification of procedure setEmailTo [2023-11-26 10:46:31,342 INFO L138 BoogieDeclarations]: Found implementation of procedure setEmailTo [2023-11-26 10:46:31,342 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2023-11-26 10:46:31,342 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#1 [2023-11-26 10:46:31,342 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#2 [2023-11-26 10:46:31,343 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#3 [2023-11-26 10:46:31,343 INFO L130 BoogieDeclarations]: Found specification of procedure generateKeyPair [2023-11-26 10:46:31,343 INFO L138 BoogieDeclarations]: Found implementation of procedure generateKeyPair [2023-11-26 10:46:31,343 INFO L130 BoogieDeclarations]: Found specification of procedure getClientAddressBookAddress [2023-11-26 10:46:31,343 INFO L138 BoogieDeclarations]: Found implementation of procedure getClientAddressBookAddress [2023-11-26 10:46:31,343 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2023-11-26 10:46:31,344 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2023-11-26 10:46:31,644 INFO L241 CfgBuilder]: Building ICFG [2023-11-26 10:46:31,647 INFO L267 CfgBuilder]: Building CFG for each procedure with an implementation [2023-11-26 10:46:32,578 INFO L282 CfgBuilder]: Performing block encoding [2023-11-26 10:46:32,680 INFO L304 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2023-11-26 10:46:32,681 INFO L309 CfgBuilder]: Removed 1 assume(true) statements. [2023-11-26 10:46:32,682 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 26.11 10:46:32 BoogieIcfgContainer [2023-11-26 10:46:32,682 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2023-11-26 10:46:32,684 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2023-11-26 10:46:32,684 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2023-11-26 10:46:32,688 INFO L274 PluginConnector]: TraceAbstraction initialized [2023-11-26 10:46:32,688 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 26.11 10:46:30" (1/3) ... [2023-11-26 10:46:32,689 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@52eb1eb9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 26.11 10:46:32, skipping insertion in model container [2023-11-26 10:46:32,690 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 26.11 10:46:30" (2/3) ... [2023-11-26 10:46:32,691 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@52eb1eb9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 26.11 10:46:32, skipping insertion in model container [2023-11-26 10:46:32,691 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 26.11 10:46:32" (3/3) ... [2023-11-26 10:46:32,693 INFO L112 eAbstractionObserver]: Analyzing ICFG email_spec9_product14.cil.c [2023-11-26 10:46:32,717 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2023-11-26 10:46:32,717 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2023-11-26 10:46:32,787 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2023-11-26 10:46:32,793 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@704832cf, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2023-11-26 10:46:32,794 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2023-11-26 10:46:32,800 INFO L276 IsEmpty]: Start isEmpty. Operand has 320 states, 245 states have (on average 1.6408163265306122) internal successors, (402), 250 states have internal predecessors, (402), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (52), 51 states have call predecessors, (52), 52 states have call successors, (52) [2023-11-26 10:46:32,856 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 93 [2023-11-26 10:46:32,856 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:32,858 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:32,859 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:32,865 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:32,865 INFO L85 PathProgramCache]: Analyzing trace with hash 1521685254, now seen corresponding path program 1 times [2023-11-26 10:46:32,877 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:32,877 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [883117905] [2023-11-26 10:46:32,877 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:32,878 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:33,086 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,605 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:33,609 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,623 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:33,626 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,629 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:33,633 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,660 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-26 10:46:33,663 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,666 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2023-11-26 10:46:33,669 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,671 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2023-11-26 10:46:33,674 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,687 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 42 [2023-11-26 10:46:33,689 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,702 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2023-11-26 10:46:33,706 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,708 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2023-11-26 10:46:33,710 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,712 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2023-11-26 10:46:33,714 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,716 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2023-11-26 10:46:33,718 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,720 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 84 [2023-11-26 10:46:33,722 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:33,725 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2023-11-26 10:46:33,726 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:33,726 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [883117905] [2023-11-26 10:46:33,727 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [883117905] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-26 10:46:33,727 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1403870744] [2023-11-26 10:46:33,727 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:33,728 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-26 10:46:33,728 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 [2023-11-26 10:46:33,734 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-26 10:46:33,773 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2023-11-26 10:46:34,115 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:34,137 INFO L262 TraceCheckSpWp]: Trace formula consists of 985 conjuncts, 1 conjunts are in the unsatisfiable core [2023-11-26 10:46:34,150 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-26 10:46:34,175 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2023-11-26 10:46:34,176 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-11-26 10:46:34,176 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1403870744] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:34,177 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2023-11-26 10:46:34,177 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [9] total 9 [2023-11-26 10:46:34,179 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2105529635] [2023-11-26 10:46:34,180 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:34,186 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2023-11-26 10:46:34,186 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:34,218 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2023-11-26 10:46:34,219 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2023-11-26 10:46:34,223 INFO L87 Difference]: Start difference. First operand has 320 states, 245 states have (on average 1.6408163265306122) internal successors, (402), 250 states have internal predecessors, (402), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (52), 51 states have call predecessors, (52), 52 states have call successors, (52) Second operand has 2 states, 2 states have (on average 25.0) internal successors, (50), 2 states have internal predecessors, (50), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:46:34,312 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:34,312 INFO L93 Difference]: Finished difference Result 460 states and 718 transitions. [2023-11-26 10:46:34,313 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2023-11-26 10:46:34,315 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 25.0) internal successors, (50), 2 states have internal predecessors, (50), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 92 [2023-11-26 10:46:34,316 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:34,336 INFO L225 Difference]: With dead ends: 460 [2023-11-26 10:46:34,336 INFO L226 Difference]: Without dead ends: 317 [2023-11-26 10:46:34,345 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 119 GetRequests, 112 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2023-11-26 10:46:34,353 INFO L413 NwaCegarLoop]: 491 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 12 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 491 SdHoareTripleChecker+Invalid, 12 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 12 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:34,355 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 491 Invalid, 12 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 12 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-26 10:46:34,377 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 317 states. [2023-11-26 10:46:34,459 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 317 to 317. [2023-11-26 10:46:34,462 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 317 states, 243 states have (on average 1.625514403292181) internal successors, (395), 247 states have internal predecessors, (395), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (51), 50 states have call predecessors, (51), 51 states have call successors, (51) [2023-11-26 10:46:34,474 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 317 states to 317 states and 498 transitions. [2023-11-26 10:46:34,476 INFO L78 Accepts]: Start accepts. Automaton has 317 states and 498 transitions. Word has length 92 [2023-11-26 10:46:34,477 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:34,478 INFO L495 AbstractCegarLoop]: Abstraction has 317 states and 498 transitions. [2023-11-26 10:46:34,478 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 25.0) internal successors, (50), 2 states have internal predecessors, (50), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:46:34,478 INFO L276 IsEmpty]: Start isEmpty. Operand 317 states and 498 transitions. [2023-11-26 10:46:34,487 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 94 [2023-11-26 10:46:34,487 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:34,487 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:34,501 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2023-11-26 10:46:34,696 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable0 [2023-11-26 10:46:34,696 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:34,697 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:34,697 INFO L85 PathProgramCache]: Analyzing trace with hash 1087534401, now seen corresponding path program 1 times [2023-11-26 10:46:34,697 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:34,698 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2106095354] [2023-11-26 10:46:34,698 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:34,698 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:34,736 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:34,979 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:34,982 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:34,994 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:34,996 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:34,999 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:35,002 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:35,026 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-26 10:46:35,028 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:35,031 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2023-11-26 10:46:35,034 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:35,036 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2023-11-26 10:46:35,039 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:35,052 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2023-11-26 10:46:35,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:35,067 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2023-11-26 10:46:35,068 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:35,070 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2023-11-26 10:46:35,072 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:35,074 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 65 [2023-11-26 10:46:35,076 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:35,078 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 78 [2023-11-26 10:46:35,080 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:35,082 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 85 [2023-11-26 10:46:35,083 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:35,086 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2023-11-26 10:46:35,086 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:35,086 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2106095354] [2023-11-26 10:46:35,087 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2106095354] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-26 10:46:35,087 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1116494972] [2023-11-26 10:46:35,087 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:35,088 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-26 10:46:35,088 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 [2023-11-26 10:46:35,089 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-26 10:46:35,116 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2023-11-26 10:46:35,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:35,463 INFO L262 TraceCheckSpWp]: Trace formula consists of 986 conjuncts, 2 conjunts are in the unsatisfiable core [2023-11-26 10:46:35,471 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-26 10:46:35,510 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2023-11-26 10:46:35,510 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-11-26 10:46:35,510 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1116494972] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:35,511 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2023-11-26 10:46:35,511 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [9] total 10 [2023-11-26 10:46:35,511 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [63580753] [2023-11-26 10:46:35,512 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:35,513 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-26 10:46:35,513 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:35,514 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-26 10:46:35,514 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=73, Unknown=0, NotChecked=0, Total=90 [2023-11-26 10:46:35,515 INFO L87 Difference]: Start difference. First operand 317 states and 498 transitions. Second operand has 3 states, 3 states have (on average 17.0) internal successors, (51), 3 states have internal predecessors, (51), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:46:35,597 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:35,598 INFO L93 Difference]: Finished difference Result 456 states and 702 transitions. [2023-11-26 10:46:35,598 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-26 10:46:35,599 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 17.0) internal successors, (51), 3 states have internal predecessors, (51), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 93 [2023-11-26 10:46:35,599 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:35,604 INFO L225 Difference]: With dead ends: 456 [2023-11-26 10:46:35,604 INFO L226 Difference]: Without dead ends: 319 [2023-11-26 10:46:35,606 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 120 GetRequests, 112 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=17, Invalid=73, Unknown=0, NotChecked=0, Total=90 [2023-11-26 10:46:35,607 INFO L413 NwaCegarLoop]: 488 mSDtfsCounter, 0 mSDsluCounter, 487 mSDsCounter, 0 mSdLazyCounter, 20 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 975 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 20 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:35,608 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 975 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 20 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-26 10:46:35,610 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 319 states. [2023-11-26 10:46:35,625 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 319 to 319. [2023-11-26 10:46:35,626 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 319 states, 245 states have (on average 1.620408163265306) internal successors, (397), 249 states have internal predecessors, (397), 52 states have call successors, (52), 21 states have call predecessors, (52), 21 states have return successors, (51), 50 states have call predecessors, (51), 51 states have call successors, (51) [2023-11-26 10:46:35,630 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 319 states to 319 states and 500 transitions. [2023-11-26 10:46:35,630 INFO L78 Accepts]: Start accepts. Automaton has 319 states and 500 transitions. Word has length 93 [2023-11-26 10:46:35,631 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:35,631 INFO L495 AbstractCegarLoop]: Abstraction has 319 states and 500 transitions. [2023-11-26 10:46:35,631 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 17.0) internal successors, (51), 3 states have internal predecessors, (51), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:46:35,632 INFO L276 IsEmpty]: Start isEmpty. Operand 319 states and 500 transitions. [2023-11-26 10:46:35,636 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2023-11-26 10:46:35,636 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:35,637 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:35,646 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2023-11-26 10:46:35,845 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable1 [2023-11-26 10:46:35,845 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:35,846 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:35,846 INFO L85 PathProgramCache]: Analyzing trace with hash -1671240446, now seen corresponding path program 1 times [2023-11-26 10:46:35,846 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:35,846 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1086885329] [2023-11-26 10:46:35,846 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:35,847 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:35,885 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,125 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:36,127 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,139 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:36,141 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,144 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:36,148 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,172 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-26 10:46:36,174 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,176 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2023-11-26 10:46:36,179 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,181 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2023-11-26 10:46:36,183 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,198 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2023-11-26 10:46:36,200 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,216 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2023-11-26 10:46:36,217 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,219 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2023-11-26 10:46:36,222 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,224 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2023-11-26 10:46:36,228 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,229 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 83 [2023-11-26 10:46:36,231 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,233 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 90 [2023-11-26 10:46:36,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,237 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2023-11-26 10:46:36,237 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:36,238 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1086885329] [2023-11-26 10:46:36,239 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1086885329] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-26 10:46:36,240 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1659196998] [2023-11-26 10:46:36,240 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:36,241 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-26 10:46:36,241 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 [2023-11-26 10:46:36,242 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-26 10:46:36,266 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2023-11-26 10:46:36,544 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:36,549 INFO L262 TraceCheckSpWp]: Trace formula consists of 998 conjuncts, 3 conjunts are in the unsatisfiable core [2023-11-26 10:46:36,555 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-26 10:46:36,576 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2023-11-26 10:46:36,576 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-11-26 10:46:36,576 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1659196998] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:36,577 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2023-11-26 10:46:36,577 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [9] total 10 [2023-11-26 10:46:36,577 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1393990142] [2023-11-26 10:46:36,577 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:36,578 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-26 10:46:36,578 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:36,580 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-26 10:46:36,581 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=73, Unknown=0, NotChecked=0, Total=90 [2023-11-26 10:46:36,581 INFO L87 Difference]: Start difference. First operand 319 states and 500 transitions. Second operand has 3 states, 3 states have (on average 18.666666666666668) internal successors, (56), 3 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:46:36,645 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:36,645 INFO L93 Difference]: Finished difference Result 682 states and 1085 transitions. [2023-11-26 10:46:36,646 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-26 10:46:36,646 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 18.666666666666668) internal successors, (56), 3 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 98 [2023-11-26 10:46:36,646 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:36,650 INFO L225 Difference]: With dead ends: 682 [2023-11-26 10:46:36,650 INFO L226 Difference]: Without dead ends: 385 [2023-11-26 10:46:36,652 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 125 GetRequests, 117 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=17, Invalid=73, Unknown=0, NotChecked=0, Total=90 [2023-11-26 10:46:36,654 INFO L413 NwaCegarLoop]: 497 mSDtfsCounter, 122 mSDsluCounter, 443 mSDsCounter, 0 mSdLazyCounter, 23 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 140 SdHoareTripleChecker+Valid, 940 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 23 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:36,655 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [140 Valid, 940 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 23 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-26 10:46:36,656 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 385 states. [2023-11-26 10:46:36,673 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 385 to 380. [2023-11-26 10:46:36,674 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 380 states, 292 states have (on average 1.6335616438356164) internal successors, (477), 296 states have internal predecessors, (477), 66 states have call successors, (66), 21 states have call predecessors, (66), 21 states have return successors, (65), 64 states have call predecessors, (65), 65 states have call successors, (65) [2023-11-26 10:46:36,678 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 380 states to 380 states and 608 transitions. [2023-11-26 10:46:36,678 INFO L78 Accepts]: Start accepts. Automaton has 380 states and 608 transitions. Word has length 98 [2023-11-26 10:46:36,679 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:36,679 INFO L495 AbstractCegarLoop]: Abstraction has 380 states and 608 transitions. [2023-11-26 10:46:36,680 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 18.666666666666668) internal successors, (56), 3 states have internal predecessors, (56), 2 states have call successors, (15), 2 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:46:36,680 INFO L276 IsEmpty]: Start isEmpty. Operand 380 states and 608 transitions. [2023-11-26 10:46:36,683 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 100 [2023-11-26 10:46:36,683 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:36,683 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:36,696 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2023-11-26 10:46:36,891 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-26 10:46:36,892 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:36,892 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:36,892 INFO L85 PathProgramCache]: Analyzing trace with hash 1383550763, now seen corresponding path program 1 times [2023-11-26 10:46:36,893 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:36,893 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [250389175] [2023-11-26 10:46:36,893 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:36,893 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:36,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,078 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:37,081 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,091 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:37,093 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,095 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:37,097 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,118 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-26 10:46:37,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,122 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2023-11-26 10:46:37,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,126 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2023-11-26 10:46:37,129 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,140 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2023-11-26 10:46:37,141 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,155 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 54 [2023-11-26 10:46:37,157 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,158 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2023-11-26 10:46:37,160 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,161 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 71 [2023-11-26 10:46:37,163 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,164 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 84 [2023-11-26 10:46:37,165 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,167 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 91 [2023-11-26 10:46:37,168 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,170 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 3 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2023-11-26 10:46:37,170 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:37,171 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [250389175] [2023-11-26 10:46:37,171 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [250389175] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-26 10:46:37,171 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1362123630] [2023-11-26 10:46:37,171 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:37,172 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-26 10:46:37,172 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 [2023-11-26 10:46:37,173 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-26 10:46:37,176 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2023-11-26 10:46:37,474 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:37,479 INFO L262 TraceCheckSpWp]: Trace formula consists of 1003 conjuncts, 8 conjunts are in the unsatisfiable core [2023-11-26 10:46:37,483 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-26 10:46:37,556 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2023-11-26 10:46:37,556 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-11-26 10:46:37,556 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1362123630] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:37,557 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2023-11-26 10:46:37,557 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [9] total 12 [2023-11-26 10:46:37,557 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1575232974] [2023-11-26 10:46:37,557 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:37,558 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-26 10:46:37,558 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:37,559 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-26 10:46:37,559 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=108, Unknown=0, NotChecked=0, Total=132 [2023-11-26 10:46:37,560 INFO L87 Difference]: Start difference. First operand 380 states and 608 transitions. Second operand has 5 states, 4 states have (on average 16.25) internal successors, (65), 5 states have internal predecessors, (65), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2023-11-26 10:46:37,671 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:37,672 INFO L93 Difference]: Finished difference Result 755 states and 1210 transitions. [2023-11-26 10:46:37,672 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2023-11-26 10:46:37,672 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 4 states have (on average 16.25) internal successors, (65), 5 states have internal predecessors, (65), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 99 [2023-11-26 10:46:37,673 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:37,676 INFO L225 Difference]: With dead ends: 755 [2023-11-26 10:46:37,676 INFO L226 Difference]: Without dead ends: 382 [2023-11-26 10:46:37,678 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 127 GetRequests, 116 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=28, Invalid=128, Unknown=0, NotChecked=0, Total=156 [2023-11-26 10:46:37,679 INFO L413 NwaCegarLoop]: 479 mSDtfsCounter, 8 mSDsluCounter, 1426 mSDsCounter, 0 mSdLazyCounter, 76 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 9 SdHoareTripleChecker+Valid, 1905 SdHoareTripleChecker+Invalid, 76 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 76 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:37,680 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [9 Valid, 1905 Invalid, 76 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 76 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-26 10:46:37,681 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 382 states. [2023-11-26 10:46:37,696 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 382 to 382. [2023-11-26 10:46:37,697 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 382 states, 293 states have (on average 1.6313993174061434) internal successors, (478), 298 states have internal predecessors, (478), 66 states have call successors, (66), 21 states have call predecessors, (66), 22 states have return successors, (67), 64 states have call predecessors, (67), 65 states have call successors, (67) [2023-11-26 10:46:37,701 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 382 states to 382 states and 611 transitions. [2023-11-26 10:46:37,701 INFO L78 Accepts]: Start accepts. Automaton has 382 states and 611 transitions. Word has length 99 [2023-11-26 10:46:37,701 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:37,702 INFO L495 AbstractCegarLoop]: Abstraction has 382 states and 611 transitions. [2023-11-26 10:46:37,702 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 4 states have (on average 16.25) internal successors, (65), 5 states have internal predecessors, (65), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2023-11-26 10:46:37,702 INFO L276 IsEmpty]: Start isEmpty. Operand 382 states and 611 transitions. [2023-11-26 10:46:37,705 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 101 [2023-11-26 10:46:37,705 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:37,705 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:37,718 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2023-11-26 10:46:37,913 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-26 10:46:37,913 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:37,915 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:37,915 INFO L85 PathProgramCache]: Analyzing trace with hash 555956960, now seen corresponding path program 1 times [2023-11-26 10:46:37,915 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:37,915 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1718276523] [2023-11-26 10:46:37,915 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:37,916 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:37,944 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,107 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:38,109 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,121 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:38,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,125 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:38,128 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,164 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:46:38,166 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,191 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2023-11-26 10:46:38,193 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,195 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2023-11-26 10:46:38,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,211 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2023-11-26 10:46:38,212 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,228 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2023-11-26 10:46:38,229 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,231 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 63 [2023-11-26 10:46:38,232 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,233 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2023-11-26 10:46:38,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,236 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 85 [2023-11-26 10:46:38,237 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,240 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 92 [2023-11-26 10:46:38,241 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,243 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 6 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2023-11-26 10:46:38,243 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:38,243 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1718276523] [2023-11-26 10:46:38,243 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1718276523] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-26 10:46:38,243 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [4682906] [2023-11-26 10:46:38,243 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:38,244 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-26 10:46:38,244 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 [2023-11-26 10:46:38,246 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-26 10:46:38,266 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2023-11-26 10:46:38,552 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:38,557 INFO L262 TraceCheckSpWp]: Trace formula consists of 1004 conjuncts, 6 conjunts are in the unsatisfiable core [2023-11-26 10:46:38,561 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-26 10:46:38,630 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2023-11-26 10:46:38,630 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-11-26 10:46:38,631 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [4682906] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:38,631 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2023-11-26 10:46:38,631 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [12] total 15 [2023-11-26 10:46:38,631 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [283364462] [2023-11-26 10:46:38,631 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:38,632 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-26 10:46:38,632 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:38,633 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-26 10:46:38,633 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=180, Unknown=0, NotChecked=0, Total=210 [2023-11-26 10:46:38,634 INFO L87 Difference]: Start difference. First operand 382 states and 611 transitions. Second operand has 5 states, 5 states have (on average 13.4) internal successors, (67), 5 states have internal predecessors, (67), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2023-11-26 10:46:38,756 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:38,756 INFO L93 Difference]: Finished difference Result 757 states and 1215 transitions. [2023-11-26 10:46:38,757 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2023-11-26 10:46:38,757 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 13.4) internal successors, (67), 5 states have internal predecessors, (67), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 100 [2023-11-26 10:46:38,757 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:38,760 INFO L225 Difference]: With dead ends: 757 [2023-11-26 10:46:38,761 INFO L226 Difference]: Without dead ends: 384 [2023-11-26 10:46:38,762 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 130 GetRequests, 116 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=34, Invalid=206, Unknown=0, NotChecked=0, Total=240 [2023-11-26 10:46:38,763 INFO L413 NwaCegarLoop]: 477 mSDtfsCounter, 8 mSDsluCounter, 1414 mSDsCounter, 0 mSdLazyCounter, 88 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 9 SdHoareTripleChecker+Valid, 1891 SdHoareTripleChecker+Invalid, 88 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 88 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:38,764 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [9 Valid, 1891 Invalid, 88 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 88 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-26 10:46:38,765 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 384 states. [2023-11-26 10:46:38,781 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 384 to 384. [2023-11-26 10:46:38,782 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 384 states, 294 states have (on average 1.629251700680272) internal successors, (479), 300 states have internal predecessors, (479), 66 states have call successors, (66), 21 states have call predecessors, (66), 23 states have return successors, (72), 64 states have call predecessors, (72), 65 states have call successors, (72) [2023-11-26 10:46:38,785 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 384 states to 384 states and 617 transitions. [2023-11-26 10:46:38,786 INFO L78 Accepts]: Start accepts. Automaton has 384 states and 617 transitions. Word has length 100 [2023-11-26 10:46:38,786 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:38,786 INFO L495 AbstractCegarLoop]: Abstraction has 384 states and 617 transitions. [2023-11-26 10:46:38,786 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 13.4) internal successors, (67), 5 states have internal predecessors, (67), 3 states have call successors, (15), 2 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2023-11-26 10:46:38,787 INFO L276 IsEmpty]: Start isEmpty. Operand 384 states and 617 transitions. [2023-11-26 10:46:38,789 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 102 [2023-11-26 10:46:38,789 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:38,790 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:38,802 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2023-11-26 10:46:38,997 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4,6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-26 10:46:38,998 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:38,998 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:38,998 INFO L85 PathProgramCache]: Analyzing trace with hash -1751736992, now seen corresponding path program 1 times [2023-11-26 10:46:38,998 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:38,998 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1974946083] [2023-11-26 10:46:38,998 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:38,999 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:39,025 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,173 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:39,175 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,185 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:39,187 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,188 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:39,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,192 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:46:39,194 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,196 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:46:39,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,221 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2023-11-26 10:46:39,223 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,234 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 51 [2023-11-26 10:46:39,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,246 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2023-11-26 10:46:39,248 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,249 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2023-11-26 10:46:39,250 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,252 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 73 [2023-11-26 10:46:39,253 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,254 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 86 [2023-11-26 10:46:39,256 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,257 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 93 [2023-11-26 10:46:39,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:39,260 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2023-11-26 10:46:39,260 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:39,260 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1974946083] [2023-11-26 10:46:39,260 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1974946083] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:39,261 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:46:39,261 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2023-11-26 10:46:39,261 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [753525474] [2023-11-26 10:46:39,261 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:39,262 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2023-11-26 10:46:39,262 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:39,262 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2023-11-26 10:46:39,262 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2023-11-26 10:46:39,263 INFO L87 Difference]: Start difference. First operand 384 states and 617 transitions. Second operand has 9 states, 8 states have (on average 7.875) internal successors, (63), 5 states have internal predecessors, (63), 3 states have call successors, (15), 6 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2023-11-26 10:46:41,470 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:41,470 INFO L93 Difference]: Finished difference Result 821 states and 1340 transitions. [2023-11-26 10:46:41,471 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2023-11-26 10:46:41,471 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 7.875) internal successors, (63), 5 states have internal predecessors, (63), 3 states have call successors, (15), 6 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 101 [2023-11-26 10:46:41,472 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:41,479 INFO L225 Difference]: With dead ends: 821 [2023-11-26 10:46:41,479 INFO L226 Difference]: Without dead ends: 456 [2023-11-26 10:46:41,481 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 27 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 31 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=73, Invalid=199, Unknown=0, NotChecked=0, Total=272 [2023-11-26 10:46:41,484 INFO L413 NwaCegarLoop]: 183 mSDtfsCounter, 1051 mSDsluCounter, 963 mSDsCounter, 0 mSdLazyCounter, 2024 mSolverCounterSat, 340 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1052 SdHoareTripleChecker+Valid, 1146 SdHoareTripleChecker+Invalid, 2364 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 340 IncrementalHoareTripleChecker+Valid, 2024 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.9s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:41,484 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1052 Valid, 1146 Invalid, 2364 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [340 Valid, 2024 Invalid, 0 Unknown, 0 Unchecked, 1.9s Time] [2023-11-26 10:46:41,487 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 456 states. [2023-11-26 10:46:41,562 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 456 to 384. [2023-11-26 10:46:41,563 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 384 states, 294 states have (on average 1.629251700680272) internal successors, (479), 300 states have internal predecessors, (479), 66 states have call successors, (66), 21 states have call predecessors, (66), 23 states have return successors, (71), 64 states have call predecessors, (71), 65 states have call successors, (71) [2023-11-26 10:46:41,566 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 384 states to 384 states and 616 transitions. [2023-11-26 10:46:41,568 INFO L78 Accepts]: Start accepts. Automaton has 384 states and 616 transitions. Word has length 101 [2023-11-26 10:46:41,569 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:41,569 INFO L495 AbstractCegarLoop]: Abstraction has 384 states and 616 transitions. [2023-11-26 10:46:41,569 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 7.875) internal successors, (63), 5 states have internal predecessors, (63), 3 states have call successors, (15), 6 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2023-11-26 10:46:41,570 INFO L276 IsEmpty]: Start isEmpty. Operand 384 states and 616 transitions. [2023-11-26 10:46:41,573 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 103 [2023-11-26 10:46:41,573 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:41,573 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:41,573 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2023-11-26 10:46:41,574 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:41,574 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:41,574 INFO L85 PathProgramCache]: Analyzing trace with hash 1160100083, now seen corresponding path program 2 times [2023-11-26 10:46:41,574 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:41,575 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [108792828] [2023-11-26 10:46:41,575 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:41,575 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:41,607 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,762 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:41,764 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,773 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:41,778 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,782 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:41,784 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,786 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:46:41,788 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,790 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:46:41,793 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,816 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2023-11-26 10:46:41,819 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,830 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2023-11-26 10:46:41,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,842 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2023-11-26 10:46:41,844 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,846 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 65 [2023-11-26 10:46:41,848 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,849 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 74 [2023-11-26 10:46:41,850 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,852 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 87 [2023-11-26 10:46:41,853 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,854 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2023-11-26 10:46:41,856 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:41,857 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2023-11-26 10:46:41,858 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:41,858 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [108792828] [2023-11-26 10:46:41,858 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [108792828] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:41,858 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:46:41,858 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2023-11-26 10:46:41,859 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [259402808] [2023-11-26 10:46:41,859 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:41,860 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2023-11-26 10:46:41,860 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:41,861 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2023-11-26 10:46:41,861 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2023-11-26 10:46:41,861 INFO L87 Difference]: Start difference. First operand 384 states and 616 transitions. Second operand has 9 states, 8 states have (on average 8.0) internal successors, (64), 5 states have internal predecessors, (64), 3 states have call successors, (15), 6 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2023-11-26 10:46:44,173 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:44,173 INFO L93 Difference]: Finished difference Result 823 states and 1343 transitions. [2023-11-26 10:46:44,174 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2023-11-26 10:46:44,174 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 8.0) internal successors, (64), 5 states have internal predecessors, (64), 3 states have call successors, (15), 6 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 102 [2023-11-26 10:46:44,174 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:44,180 INFO L225 Difference]: With dead ends: 823 [2023-11-26 10:46:44,180 INFO L226 Difference]: Without dead ends: 458 [2023-11-26 10:46:44,182 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 27 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=73, Invalid=199, Unknown=0, NotChecked=0, Total=272 [2023-11-26 10:46:44,183 INFO L413 NwaCegarLoop]: 182 mSDtfsCounter, 1047 mSDsluCounter, 963 mSDsCounter, 0 mSdLazyCounter, 2056 mSolverCounterSat, 330 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1049 SdHoareTripleChecker+Valid, 1145 SdHoareTripleChecker+Invalid, 2386 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 330 IncrementalHoareTripleChecker+Valid, 2056 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.0s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:44,184 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1049 Valid, 1145 Invalid, 2386 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [330 Valid, 2056 Invalid, 0 Unknown, 0 Unchecked, 2.0s Time] [2023-11-26 10:46:44,186 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 458 states. [2023-11-26 10:46:44,218 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 458 to 386. [2023-11-26 10:46:44,220 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 386 states, 295 states have (on average 1.6271186440677967) internal successors, (480), 302 states have internal predecessors, (480), 66 states have call successors, (66), 21 states have call predecessors, (66), 24 states have return successors, (73), 64 states have call predecessors, (73), 65 states have call successors, (73) [2023-11-26 10:46:44,224 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 386 states to 386 states and 619 transitions. [2023-11-26 10:46:44,224 INFO L78 Accepts]: Start accepts. Automaton has 386 states and 619 transitions. Word has length 102 [2023-11-26 10:46:44,224 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:44,225 INFO L495 AbstractCegarLoop]: Abstraction has 386 states and 619 transitions. [2023-11-26 10:46:44,225 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 8.0) internal successors, (64), 5 states have internal predecessors, (64), 3 states have call successors, (15), 6 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2023-11-26 10:46:44,225 INFO L276 IsEmpty]: Start isEmpty. Operand 386 states and 619 transitions. [2023-11-26 10:46:44,228 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 104 [2023-11-26 10:46:44,228 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:44,228 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:44,229 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2023-11-26 10:46:44,229 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:44,229 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:44,230 INFO L85 PathProgramCache]: Analyzing trace with hash 2141976199, now seen corresponding path program 1 times [2023-11-26 10:46:44,230 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:44,230 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [226152179] [2023-11-26 10:46:44,230 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:44,230 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:44,254 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,376 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:44,378 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,387 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:44,389 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,390 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:44,392 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,394 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:46:44,396 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,398 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:46:44,400 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,418 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2023-11-26 10:46:44,421 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,436 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2023-11-26 10:46:44,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,449 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2023-11-26 10:46:44,450 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,451 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2023-11-26 10:46:44,452 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,454 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2023-11-26 10:46:44,455 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,456 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2023-11-26 10:46:44,457 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,458 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 95 [2023-11-26 10:46:44,459 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:44,461 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2023-11-26 10:46:44,461 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:44,461 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [226152179] [2023-11-26 10:46:44,462 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [226152179] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:44,462 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:46:44,462 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2023-11-26 10:46:44,462 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [799279786] [2023-11-26 10:46:44,462 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:44,463 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2023-11-26 10:46:44,463 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:44,463 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2023-11-26 10:46:44,464 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=57, Unknown=0, NotChecked=0, Total=72 [2023-11-26 10:46:44,464 INFO L87 Difference]: Start difference. First operand 386 states and 619 transitions. Second operand has 9 states, 8 states have (on average 8.125) internal successors, (65), 5 states have internal predecessors, (65), 3 states have call successors, (15), 6 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2023-11-26 10:46:46,626 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:46,627 INFO L93 Difference]: Finished difference Result 823 states and 1342 transitions. [2023-11-26 10:46:46,627 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2023-11-26 10:46:46,627 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 8.125) internal successors, (65), 5 states have internal predecessors, (65), 3 states have call successors, (15), 6 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) Word has length 103 [2023-11-26 10:46:46,628 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:46,632 INFO L225 Difference]: With dead ends: 823 [2023-11-26 10:46:46,632 INFO L226 Difference]: Without dead ends: 458 [2023-11-26 10:46:46,634 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 44 GetRequests, 28 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 41 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=89, Invalid=217, Unknown=0, NotChecked=0, Total=306 [2023-11-26 10:46:46,635 INFO L413 NwaCegarLoop]: 182 mSDtfsCounter, 1051 mSDsluCounter, 963 mSDsCounter, 0 mSdLazyCounter, 2016 mSolverCounterSat, 347 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1052 SdHoareTripleChecker+Valid, 1145 SdHoareTripleChecker+Invalid, 2363 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 347 IncrementalHoareTripleChecker+Valid, 2016 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.8s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:46,636 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1052 Valid, 1145 Invalid, 2363 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [347 Valid, 2016 Invalid, 0 Unknown, 0 Unchecked, 1.8s Time] [2023-11-26 10:46:46,637 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 458 states. [2023-11-26 10:46:46,670 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 458 to 386. [2023-11-26 10:46:46,671 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 386 states, 295 states have (on average 1.6271186440677967) internal successors, (480), 302 states have internal predecessors, (480), 66 states have call successors, (66), 21 states have call predecessors, (66), 24 states have return successors, (73), 64 states have call predecessors, (73), 65 states have call successors, (73) [2023-11-26 10:46:46,675 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 386 states to 386 states and 619 transitions. [2023-11-26 10:46:46,676 INFO L78 Accepts]: Start accepts. Automaton has 386 states and 619 transitions. Word has length 103 [2023-11-26 10:46:46,676 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:46,676 INFO L495 AbstractCegarLoop]: Abstraction has 386 states and 619 transitions. [2023-11-26 10:46:46,676 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 8.125) internal successors, (65), 5 states have internal predecessors, (65), 3 states have call successors, (15), 6 states have call predecessors, (15), 2 states have return successors, (12), 2 states have call predecessors, (12), 3 states have call successors, (12) [2023-11-26 10:46:46,677 INFO L276 IsEmpty]: Start isEmpty. Operand 386 states and 619 transitions. [2023-11-26 10:46:46,679 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 104 [2023-11-26 10:46:46,680 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:46,680 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:46,680 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2023-11-26 10:46:46,681 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:46,681 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:46,681 INFO L85 PathProgramCache]: Analyzing trace with hash -1185640443, now seen corresponding path program 1 times [2023-11-26 10:46:46,681 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:46,682 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [769346567] [2023-11-26 10:46:46,682 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:46,682 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:46,727 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,869 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:46,870 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,880 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:46,882 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,883 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:46,885 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,887 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:46:46,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,891 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:46:46,893 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,915 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2023-11-26 10:46:46,918 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,950 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2023-11-26 10:46:46,951 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,964 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2023-11-26 10:46:46,965 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,967 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2023-11-26 10:46:46,968 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,969 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2023-11-26 10:46:46,970 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,972 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2023-11-26 10:46:46,973 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,974 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 95 [2023-11-26 10:46:46,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:46,977 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2023-11-26 10:46:46,977 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:46,978 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [769346567] [2023-11-26 10:46:46,978 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [769346567] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:46,978 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:46:46,978 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12] imperfect sequences [] total 12 [2023-11-26 10:46:46,978 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [762966628] [2023-11-26 10:46:46,978 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:46,979 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2023-11-26 10:46:46,979 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:46,980 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2023-11-26 10:46:46,980 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=111, Unknown=0, NotChecked=0, Total=132 [2023-11-26 10:46:46,980 INFO L87 Difference]: Start difference. First operand 386 states and 619 transitions. Second operand has 12 states, 11 states have (on average 6.181818181818182) internal successors, (68), 8 states have internal predecessors, (68), 4 states have call successors, (15), 6 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 4 states have call successors, (12) [2023-11-26 10:46:49,755 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:49,755 INFO L93 Difference]: Finished difference Result 821 states and 1337 transitions. [2023-11-26 10:46:49,756 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2023-11-26 10:46:49,756 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 6.181818181818182) internal successors, (68), 8 states have internal predecessors, (68), 4 states have call successors, (15), 6 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 4 states have call successors, (12) Word has length 103 [2023-11-26 10:46:49,756 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:49,761 INFO L225 Difference]: With dead ends: 821 [2023-11-26 10:46:49,761 INFO L226 Difference]: Without dead ends: 458 [2023-11-26 10:46:49,780 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 49 GetRequests, 27 SyntacticMatches, 0 SemanticMatches, 22 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 71 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=112, Invalid=440, Unknown=0, NotChecked=0, Total=552 [2023-11-26 10:46:49,781 INFO L413 NwaCegarLoop]: 174 mSDtfsCounter, 1055 mSDsluCounter, 1412 mSDsCounter, 0 mSdLazyCounter, 3435 mSolverCounterSat, 329 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1056 SdHoareTripleChecker+Valid, 1586 SdHoareTripleChecker+Invalid, 3764 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 329 IncrementalHoareTripleChecker+Valid, 3435 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.3s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:49,781 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1056 Valid, 1586 Invalid, 3764 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [329 Valid, 3435 Invalid, 0 Unknown, 0 Unchecked, 2.3s Time] [2023-11-26 10:46:49,782 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 458 states. [2023-11-26 10:46:49,824 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 458 to 386. [2023-11-26 10:46:49,825 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 386 states, 295 states have (on average 1.6271186440677967) internal successors, (480), 302 states have internal predecessors, (480), 66 states have call successors, (66), 21 states have call predecessors, (66), 24 states have return successors, (72), 64 states have call predecessors, (72), 65 states have call successors, (72) [2023-11-26 10:46:49,828 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 386 states to 386 states and 618 transitions. [2023-11-26 10:46:49,829 INFO L78 Accepts]: Start accepts. Automaton has 386 states and 618 transitions. Word has length 103 [2023-11-26 10:46:49,829 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:49,829 INFO L495 AbstractCegarLoop]: Abstraction has 386 states and 618 transitions. [2023-11-26 10:46:49,829 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 11 states have (on average 6.181818181818182) internal successors, (68), 8 states have internal predecessors, (68), 4 states have call successors, (15), 6 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 4 states have call successors, (12) [2023-11-26 10:46:49,829 INFO L276 IsEmpty]: Start isEmpty. Operand 386 states and 618 transitions. [2023-11-26 10:46:49,833 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 105 [2023-11-26 10:46:49,833 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:49,833 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:49,834 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2023-11-26 10:46:49,834 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:49,834 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:49,834 INFO L85 PathProgramCache]: Analyzing trace with hash 1443472319, now seen corresponding path program 2 times [2023-11-26 10:46:49,834 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:49,835 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1595721576] [2023-11-26 10:46:49,835 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:49,835 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:49,863 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,002 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:50,004 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,014 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:50,015 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,017 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:50,019 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,021 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:46:50,023 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,024 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:46:50,027 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,049 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2023-11-26 10:46:50,052 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,088 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 54 [2023-11-26 10:46:50,089 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,103 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 59 [2023-11-26 10:46:50,104 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,105 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2023-11-26 10:46:50,106 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,108 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2023-11-26 10:46:50,109 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,110 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 89 [2023-11-26 10:46:50,111 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,113 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 96 [2023-11-26 10:46:50,114 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:50,115 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2023-11-26 10:46:50,116 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:50,116 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1595721576] [2023-11-26 10:46:50,116 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1595721576] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:50,116 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:46:50,116 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12] imperfect sequences [] total 12 [2023-11-26 10:46:50,117 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1903046033] [2023-11-26 10:46:50,117 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:50,117 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2023-11-26 10:46:50,117 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:50,118 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2023-11-26 10:46:50,118 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=111, Unknown=0, NotChecked=0, Total=132 [2023-11-26 10:46:50,119 INFO L87 Difference]: Start difference. First operand 386 states and 618 transitions. Second operand has 12 states, 11 states have (on average 6.2727272727272725) internal successors, (69), 8 states have internal predecessors, (69), 4 states have call successors, (15), 6 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 4 states have call successors, (12) [2023-11-26 10:46:52,922 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:52,922 INFO L93 Difference]: Finished difference Result 823 states and 1343 transitions. [2023-11-26 10:46:52,923 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2023-11-26 10:46:52,923 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 6.2727272727272725) internal successors, (69), 8 states have internal predecessors, (69), 4 states have call successors, (15), 6 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 4 states have call successors, (12) Word has length 104 [2023-11-26 10:46:52,923 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:52,927 INFO L225 Difference]: With dead ends: 823 [2023-11-26 10:46:52,927 INFO L226 Difference]: Without dead ends: 460 [2023-11-26 10:46:52,929 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 49 GetRequests, 27 SyntacticMatches, 0 SemanticMatches, 22 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 71 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=112, Invalid=440, Unknown=0, NotChecked=0, Total=552 [2023-11-26 10:46:52,930 INFO L413 NwaCegarLoop]: 173 mSDtfsCounter, 1052 mSDsluCounter, 1412 mSDsCounter, 0 mSdLazyCounter, 3452 mSolverCounterSat, 328 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1053 SdHoareTripleChecker+Valid, 1585 SdHoareTripleChecker+Invalid, 3780 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 328 IncrementalHoareTripleChecker+Valid, 3452 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.4s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:52,932 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1053 Valid, 1585 Invalid, 3780 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [328 Valid, 3452 Invalid, 0 Unknown, 0 Unchecked, 2.4s Time] [2023-11-26 10:46:52,934 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 460 states. [2023-11-26 10:46:52,978 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 460 to 388. [2023-11-26 10:46:52,980 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 388 states, 296 states have (on average 1.625) internal successors, (481), 304 states have internal predecessors, (481), 66 states have call successors, (66), 21 states have call predecessors, (66), 25 states have return successors, (77), 64 states have call predecessors, (77), 65 states have call successors, (77) [2023-11-26 10:46:52,983 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 388 states to 388 states and 624 transitions. [2023-11-26 10:46:52,984 INFO L78 Accepts]: Start accepts. Automaton has 388 states and 624 transitions. Word has length 104 [2023-11-26 10:46:52,984 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:52,984 INFO L495 AbstractCegarLoop]: Abstraction has 388 states and 624 transitions. [2023-11-26 10:46:52,985 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 11 states have (on average 6.2727272727272725) internal successors, (69), 8 states have internal predecessors, (69), 4 states have call successors, (15), 6 states have call predecessors, (15), 3 states have return successors, (12), 3 states have call predecessors, (12), 4 states have call successors, (12) [2023-11-26 10:46:52,985 INFO L276 IsEmpty]: Start isEmpty. Operand 388 states and 624 transitions. [2023-11-26 10:46:52,988 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 106 [2023-11-26 10:46:52,988 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:52,988 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:52,988 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2023-11-26 10:46:52,989 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:52,989 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:52,989 INFO L85 PathProgramCache]: Analyzing trace with hash -726376630, now seen corresponding path program 1 times [2023-11-26 10:46:52,989 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:52,989 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2069107574] [2023-11-26 10:46:52,990 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:52,990 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:53,037 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,170 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:53,172 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,184 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:53,185 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,187 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:53,188 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,190 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:46:53,191 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,193 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:46:53,195 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,196 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2023-11-26 10:46:53,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,208 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2023-11-26 10:46:53,209 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,218 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2023-11-26 10:46:53,220 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,221 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 68 [2023-11-26 10:46:53,222 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,223 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2023-11-26 10:46:53,224 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,225 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 90 [2023-11-26 10:46:53,227 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,229 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 97 [2023-11-26 10:46:53,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,232 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2023-11-26 10:46:53,232 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:53,232 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2069107574] [2023-11-26 10:46:53,232 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2069107574] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-26 10:46:53,232 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [207550677] [2023-11-26 10:46:53,233 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:53,233 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-26 10:46:53,233 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 [2023-11-26 10:46:53,234 INFO L229 MonitoredProcess]: Starting monitored process 7 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-26 10:46:53,269 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2023-11-26 10:46:53,539 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:53,544 INFO L262 TraceCheckSpWp]: Trace formula consists of 1009 conjuncts, 3 conjunts are in the unsatisfiable core [2023-11-26 10:46:53,548 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-26 10:46:53,581 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2023-11-26 10:46:53,581 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-11-26 10:46:53,661 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2023-11-26 10:46:53,661 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [207550677] provided 0 perfect and 2 imperfect interpolant sequences [2023-11-26 10:46:53,661 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2023-11-26 10:46:53,662 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 4, 4] total 11 [2023-11-26 10:46:53,664 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1926216412] [2023-11-26 10:46:53,664 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2023-11-26 10:46:53,665 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2023-11-26 10:46:53,665 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:53,666 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2023-11-26 10:46:53,666 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=81, Unknown=0, NotChecked=0, Total=110 [2023-11-26 10:46:53,666 INFO L87 Difference]: Start difference. First operand 388 states and 624 transitions. Second operand has 11 states, 11 states have (on average 8.727272727272727) internal successors, (96), 7 states have internal predecessors, (96), 2 states have call successors, (30), 6 states have call predecessors, (30), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2023-11-26 10:46:56,167 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:56,168 INFO L93 Difference]: Finished difference Result 997 states and 1699 transitions. [2023-11-26 10:46:56,168 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2023-11-26 10:46:56,169 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 11 states have (on average 8.727272727272727) internal successors, (96), 7 states have internal predecessors, (96), 2 states have call successors, (30), 6 states have call predecessors, (30), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) Word has length 105 [2023-11-26 10:46:56,170 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:56,178 INFO L225 Difference]: With dead ends: 997 [2023-11-26 10:46:56,178 INFO L226 Difference]: Without dead ends: 860 [2023-11-26 10:46:56,180 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 246 GetRequests, 231 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 35 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=66, Invalid=206, Unknown=0, NotChecked=0, Total=272 [2023-11-26 10:46:56,181 INFO L413 NwaCegarLoop]: 224 mSDtfsCounter, 1479 mSDsluCounter, 1326 mSDsCounter, 0 mSdLazyCounter, 2235 mSolverCounterSat, 524 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1536 SdHoareTripleChecker+Valid, 1550 SdHoareTripleChecker+Invalid, 2759 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 524 IncrementalHoareTripleChecker+Valid, 2235 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.1s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:56,181 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1536 Valid, 1550 Invalid, 2759 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [524 Valid, 2235 Invalid, 0 Unknown, 0 Unchecked, 2.1s Time] [2023-11-26 10:46:56,184 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 860 states. [2023-11-26 10:46:56,235 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 860 to 773. [2023-11-26 10:46:56,237 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 773 states, 602 states have (on average 1.6710963455149501) internal successors, (1006), 610 states have internal predecessors, (1006), 145 states have call successors, (145), 21 states have call predecessors, (145), 25 states have return successors, (166), 143 states have call predecessors, (166), 144 states have call successors, (166) [2023-11-26 10:46:56,243 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 773 states to 773 states and 1317 transitions. [2023-11-26 10:46:56,243 INFO L78 Accepts]: Start accepts. Automaton has 773 states and 1317 transitions. Word has length 105 [2023-11-26 10:46:56,245 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:56,245 INFO L495 AbstractCegarLoop]: Abstraction has 773 states and 1317 transitions. [2023-11-26 10:46:56,245 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 11 states have (on average 8.727272727272727) internal successors, (96), 7 states have internal predecessors, (96), 2 states have call successors, (30), 6 states have call predecessors, (30), 2 states have return successors, (18), 2 states have call predecessors, (18), 2 states have call successors, (18) [2023-11-26 10:46:56,245 INFO L276 IsEmpty]: Start isEmpty. Operand 773 states and 1317 transitions. [2023-11-26 10:46:56,251 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2023-11-26 10:46:56,251 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:56,251 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:56,263 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2023-11-26 10:46:56,458 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,7 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9ce0b1ee-d2d9-4bbc-ace9-563b66b0047c/bin/uautomizer-verify-VRDe98Ueme/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-26 10:46:56,459 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:56,460 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:56,460 INFO L85 PathProgramCache]: Analyzing trace with hash -1593665369, now seen corresponding path program 1 times [2023-11-26 10:46:56,460 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:56,460 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [422789319] [2023-11-26 10:46:56,460 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:56,461 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:56,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,530 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:56,532 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,540 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:56,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,544 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:56,545 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,547 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:46:56,548 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,550 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:46:56,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,553 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2023-11-26 10:46:56,555 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,563 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2023-11-26 10:46:56,564 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,572 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2023-11-26 10:46:56,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,575 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 74 [2023-11-26 10:46:56,576 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,577 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 83 [2023-11-26 10:46:56,578 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,579 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 96 [2023-11-26 10:46:56,580 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,581 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 103 [2023-11-26 10:46:56,582 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:56,583 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2023-11-26 10:46:56,583 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:56,583 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [422789319] [2023-11-26 10:46:56,584 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [422789319] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:56,584 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:46:56,584 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2023-11-26 10:46:56,584 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1008369243] [2023-11-26 10:46:56,584 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:56,584 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-11-26 10:46:56,585 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:56,585 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-11-26 10:46:56,585 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2023-11-26 10:46:56,586 INFO L87 Difference]: Start difference. First operand 773 states and 1317 transitions. Second operand has 7 states, 7 states have (on average 10.142857142857142) internal successors, (71), 3 states have internal predecessors, (71), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:46:58,312 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:46:58,313 INFO L93 Difference]: Finished difference Result 1945 states and 3394 transitions. [2023-11-26 10:46:58,313 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2023-11-26 10:46:58,314 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.142857142857142) internal successors, (71), 3 states have internal predecessors, (71), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 111 [2023-11-26 10:46:58,314 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:46:58,325 INFO L225 Difference]: With dead ends: 1945 [2023-11-26 10:46:58,325 INFO L226 Difference]: Without dead ends: 1232 [2023-11-26 10:46:58,332 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 37 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=108, Unknown=0, NotChecked=0, Total=156 [2023-11-26 10:46:58,333 INFO L413 NwaCegarLoop]: 193 mSDtfsCounter, 1164 mSDsluCounter, 667 mSDsCounter, 0 mSdLazyCounter, 1135 mSolverCounterSat, 417 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1183 SdHoareTripleChecker+Valid, 860 SdHoareTripleChecker+Invalid, 1552 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 417 IncrementalHoareTripleChecker+Valid, 1135 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.5s IncrementalHoareTripleChecker+Time [2023-11-26 10:46:58,334 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1183 Valid, 860 Invalid, 1552 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [417 Valid, 1135 Invalid, 0 Unknown, 0 Unchecked, 1.5s Time] [2023-11-26 10:46:58,336 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1232 states. [2023-11-26 10:46:58,409 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1232 to 1155. [2023-11-26 10:46:58,413 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1155 states, 905 states have (on average 1.6773480662983424) internal successors, (1518), 913 states have internal predecessors, (1518), 224 states have call successors, (224), 21 states have call predecessors, (224), 25 states have return successors, (255), 222 states have call predecessors, (255), 223 states have call successors, (255) [2023-11-26 10:46:58,422 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1155 states to 1155 states and 1997 transitions. [2023-11-26 10:46:58,422 INFO L78 Accepts]: Start accepts. Automaton has 1155 states and 1997 transitions. Word has length 111 [2023-11-26 10:46:58,423 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:46:58,423 INFO L495 AbstractCegarLoop]: Abstraction has 1155 states and 1997 transitions. [2023-11-26 10:46:58,423 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.142857142857142) internal successors, (71), 3 states have internal predecessors, (71), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:46:58,423 INFO L276 IsEmpty]: Start isEmpty. Operand 1155 states and 1997 transitions. [2023-11-26 10:46:58,432 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 113 [2023-11-26 10:46:58,432 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:46:58,432 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:46:58,432 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2023-11-26 10:46:58,433 INFO L420 AbstractCegarLoop]: === Iteration 13 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:46:58,433 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:46:58,433 INFO L85 PathProgramCache]: Analyzing trace with hash -357243069, now seen corresponding path program 1 times [2023-11-26 10:46:58,433 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:46:58,434 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [322078082] [2023-11-26 10:46:58,434 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:46:58,434 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:46:58,457 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,501 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:46:58,503 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,511 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:46:58,513 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,514 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:46:58,516 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,518 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:46:58,520 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,521 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:46:58,523 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,525 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2023-11-26 10:46:58,527 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,536 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2023-11-26 10:46:58,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,547 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2023-11-26 10:46:58,549 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,550 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2023-11-26 10:46:58,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,552 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 84 [2023-11-26 10:46:58,553 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,554 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 97 [2023-11-26 10:46:58,573 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,574 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 104 [2023-11-26 10:46:58,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:46:58,577 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2023-11-26 10:46:58,577 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:46:58,577 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [322078082] [2023-11-26 10:46:58,577 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [322078082] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:46:58,577 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:46:58,578 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2023-11-26 10:46:58,578 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [661144750] [2023-11-26 10:46:58,578 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:46:58,579 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-11-26 10:46:58,579 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:46:58,580 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-11-26 10:46:58,580 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2023-11-26 10:46:58,581 INFO L87 Difference]: Start difference. First operand 1155 states and 1997 transitions. Second operand has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 3 states have internal predecessors, (72), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:47:00,307 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:47:00,308 INFO L93 Difference]: Finished difference Result 2876 states and 5050 transitions. [2023-11-26 10:47:00,308 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2023-11-26 10:47:00,309 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 3 states have internal predecessors, (72), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 112 [2023-11-26 10:47:00,309 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:47:00,324 INFO L225 Difference]: With dead ends: 2876 [2023-11-26 10:47:00,324 INFO L226 Difference]: Without dead ends: 1831 [2023-11-26 10:47:00,329 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 37 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=108, Unknown=0, NotChecked=0, Total=156 [2023-11-26 10:47:00,332 INFO L413 NwaCegarLoop]: 186 mSDtfsCounter, 1160 mSDsluCounter, 656 mSDsCounter, 0 mSdLazyCounter, 1132 mSolverCounterSat, 403 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1179 SdHoareTripleChecker+Valid, 842 SdHoareTripleChecker+Invalid, 1535 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 403 IncrementalHoareTripleChecker+Valid, 1132 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.5s IncrementalHoareTripleChecker+Time [2023-11-26 10:47:00,332 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1179 Valid, 842 Invalid, 1535 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [403 Valid, 1132 Invalid, 0 Unknown, 0 Unchecked, 1.5s Time] [2023-11-26 10:47:00,335 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1831 states. [2023-11-26 10:47:00,428 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1831 to 1754. [2023-11-26 10:47:00,433 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1754 states, 1385 states have (on average 1.6808664259927797) internal successors, (2328), 1393 states have internal predecessors, (2328), 343 states have call successors, (343), 21 states have call predecessors, (343), 25 states have return successors, (374), 341 states have call predecessors, (374), 342 states have call successors, (374) [2023-11-26 10:47:00,453 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1754 states to 1754 states and 3045 transitions. [2023-11-26 10:47:00,454 INFO L78 Accepts]: Start accepts. Automaton has 1754 states and 3045 transitions. Word has length 112 [2023-11-26 10:47:00,455 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:47:00,455 INFO L495 AbstractCegarLoop]: Abstraction has 1754 states and 3045 transitions. [2023-11-26 10:47:00,455 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 3 states have internal predecessors, (72), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:47:00,455 INFO L276 IsEmpty]: Start isEmpty. Operand 1754 states and 3045 transitions. [2023-11-26 10:47:00,471 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 114 [2023-11-26 10:47:00,471 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:47:00,471 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:47:00,471 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2023-11-26 10:47:00,472 INFO L420 AbstractCegarLoop]: === Iteration 14 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:47:00,472 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:47:00,472 INFO L85 PathProgramCache]: Analyzing trace with hash -1232741879, now seen corresponding path program 1 times [2023-11-26 10:47:00,472 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:47:00,472 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [766704730] [2023-11-26 10:47:00,473 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:47:00,473 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:47:00,505 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,558 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:47:00,560 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,568 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:47:00,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,572 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:47:00,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,575 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:47:00,577 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,579 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:47:00,581 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,583 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2023-11-26 10:47:00,585 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,594 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 63 [2023-11-26 10:47:00,595 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,604 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 68 [2023-11-26 10:47:00,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,607 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2023-11-26 10:47:00,608 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,610 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 85 [2023-11-26 10:47:00,611 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,612 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 98 [2023-11-26 10:47:00,613 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,614 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 105 [2023-11-26 10:47:00,615 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:00,617 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2023-11-26 10:47:00,617 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:47:00,617 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [766704730] [2023-11-26 10:47:00,618 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [766704730] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:47:00,618 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:47:00,618 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2023-11-26 10:47:00,618 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [750875077] [2023-11-26 10:47:00,618 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:47:00,619 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-11-26 10:47:00,619 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:47:00,619 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-11-26 10:47:00,620 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2023-11-26 10:47:00,620 INFO L87 Difference]: Start difference. First operand 1754 states and 3045 transitions. Second operand has 7 states, 7 states have (on average 10.428571428571429) internal successors, (73), 3 states have internal predecessors, (73), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:47:02,379 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:47:02,380 INFO L93 Difference]: Finished difference Result 4272 states and 7555 transitions. [2023-11-26 10:47:02,380 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2023-11-26 10:47:02,380 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.428571428571429) internal successors, (73), 3 states have internal predecessors, (73), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 113 [2023-11-26 10:47:02,381 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:47:02,403 INFO L225 Difference]: With dead ends: 4272 [2023-11-26 10:47:02,403 INFO L226 Difference]: Without dead ends: 2748 [2023-11-26 10:47:02,411 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 37 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=108, Unknown=0, NotChecked=0, Total=156 [2023-11-26 10:47:02,412 INFO L413 NwaCegarLoop]: 187 mSDtfsCounter, 1155 mSDsluCounter, 655 mSDsCounter, 0 mSdLazyCounter, 1145 mSolverCounterSat, 404 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1173 SdHoareTripleChecker+Valid, 842 SdHoareTripleChecker+Invalid, 1549 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 404 IncrementalHoareTripleChecker+Valid, 1145 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.5s IncrementalHoareTripleChecker+Time [2023-11-26 10:47:02,413 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1173 Valid, 842 Invalid, 1549 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [404 Valid, 1145 Invalid, 0 Unknown, 0 Unchecked, 1.5s Time] [2023-11-26 10:47:02,417 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2748 states. [2023-11-26 10:47:02,605 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2748 to 2671. [2023-11-26 10:47:02,613 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2671 states, 2140 states have (on average 1.6845794392523366) internal successors, (3605), 2148 states have internal predecessors, (3605), 505 states have call successors, (505), 21 states have call predecessors, (505), 25 states have return successors, (552), 503 states have call predecessors, (552), 504 states have call successors, (552) [2023-11-26 10:47:02,628 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2671 states to 2671 states and 4662 transitions. [2023-11-26 10:47:02,629 INFO L78 Accepts]: Start accepts. Automaton has 2671 states and 4662 transitions. Word has length 113 [2023-11-26 10:47:02,629 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:47:02,630 INFO L495 AbstractCegarLoop]: Abstraction has 2671 states and 4662 transitions. [2023-11-26 10:47:02,630 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.428571428571429) internal successors, (73), 3 states have internal predecessors, (73), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:47:02,630 INFO L276 IsEmpty]: Start isEmpty. Operand 2671 states and 4662 transitions. [2023-11-26 10:47:02,649 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 115 [2023-11-26 10:47:02,649 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:47:02,650 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:47:02,650 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13 [2023-11-26 10:47:02,650 INFO L420 AbstractCegarLoop]: === Iteration 15 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:47:02,650 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:47:02,651 INFO L85 PathProgramCache]: Analyzing trace with hash -1169024348, now seen corresponding path program 1 times [2023-11-26 10:47:02,651 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:47:02,651 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1112931427] [2023-11-26 10:47:02,651 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:47:02,652 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:47:02,683 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,764 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:47:02,766 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,802 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:47:02,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,806 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:47:02,808 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,810 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:47:02,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,814 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:47:02,817 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,819 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2023-11-26 10:47:02,822 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,835 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2023-11-26 10:47:02,836 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,846 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 69 [2023-11-26 10:47:02,847 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,849 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2023-11-26 10:47:02,850 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,858 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 86 [2023-11-26 10:47:02,859 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,861 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 99 [2023-11-26 10:47:02,862 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,863 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 106 [2023-11-26 10:47:02,864 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:02,866 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2023-11-26 10:47:02,866 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:47:02,866 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1112931427] [2023-11-26 10:47:02,866 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1112931427] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:47:02,866 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:47:02,866 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2023-11-26 10:47:02,867 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [665717557] [2023-11-26 10:47:02,867 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:47:02,868 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-11-26 10:47:02,868 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:47:02,869 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-11-26 10:47:02,869 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2023-11-26 10:47:02,869 INFO L87 Difference]: Start difference. First operand 2671 states and 4662 transitions. Second operand has 7 states, 7 states have (on average 10.571428571428571) internal successors, (74), 3 states have internal predecessors, (74), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:47:04,560 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:47:04,561 INFO L93 Difference]: Finished difference Result 6472 states and 11515 transitions. [2023-11-26 10:47:04,561 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2023-11-26 10:47:04,561 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.571428571428571) internal successors, (74), 3 states have internal predecessors, (74), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 114 [2023-11-26 10:47:04,562 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:47:04,597 INFO L225 Difference]: With dead ends: 6472 [2023-11-26 10:47:04,598 INFO L226 Difference]: Without dead ends: 4228 [2023-11-26 10:47:04,609 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 37 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=48, Invalid=108, Unknown=0, NotChecked=0, Total=156 [2023-11-26 10:47:04,610 INFO L413 NwaCegarLoop]: 185 mSDtfsCounter, 1155 mSDsluCounter, 655 mSDsCounter, 0 mSdLazyCounter, 1118 mSolverCounterSat, 396 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1174 SdHoareTripleChecker+Valid, 840 SdHoareTripleChecker+Invalid, 1514 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 396 IncrementalHoareTripleChecker+Valid, 1118 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.4s IncrementalHoareTripleChecker+Time [2023-11-26 10:47:04,611 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1174 Valid, 840 Invalid, 1514 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [396 Valid, 1118 Invalid, 0 Unknown, 0 Unchecked, 1.4s Time] [2023-11-26 10:47:04,617 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4228 states. [2023-11-26 10:47:04,852 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4228 to 4151. [2023-11-26 10:47:04,863 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4151 states, 3375 states have (on average 1.6874074074074075) internal successors, (5695), 3383 states have internal predecessors, (5695), 750 states have call successors, (750), 21 states have call predecessors, (750), 25 states have return successors, (823), 748 states have call predecessors, (823), 749 states have call successors, (823) [2023-11-26 10:47:04,881 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4151 states to 4151 states and 7268 transitions. [2023-11-26 10:47:04,882 INFO L78 Accepts]: Start accepts. Automaton has 4151 states and 7268 transitions. Word has length 114 [2023-11-26 10:47:04,882 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:47:04,883 INFO L495 AbstractCegarLoop]: Abstraction has 4151 states and 7268 transitions. [2023-11-26 10:47:04,883 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.571428571428571) internal successors, (74), 3 states have internal predecessors, (74), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:47:04,883 INFO L276 IsEmpty]: Start isEmpty. Operand 4151 states and 7268 transitions. [2023-11-26 10:47:04,933 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 116 [2023-11-26 10:47:04,933 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:47:04,933 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:47:04,934 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable14 [2023-11-26 10:47:04,934 INFO L420 AbstractCegarLoop]: === Iteration 16 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:47:04,934 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:47:04,935 INFO L85 PathProgramCache]: Analyzing trace with hash 1386482053, now seen corresponding path program 1 times [2023-11-26 10:47:04,935 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:47:04,935 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [70555988] [2023-11-26 10:47:04,935 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:47:04,935 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:47:04,961 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,007 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:47:05,009 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,017 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:47:05,019 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,020 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:47:05,022 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,023 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:47:05,025 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,027 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:47:05,029 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,030 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2023-11-26 10:47:05,033 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,040 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 65 [2023-11-26 10:47:05,041 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,050 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2023-11-26 10:47:05,051 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,052 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 78 [2023-11-26 10:47:05,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,054 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 87 [2023-11-26 10:47:05,055 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,056 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 100 [2023-11-26 10:47:05,057 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,059 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 107 [2023-11-26 10:47:05,060 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:05,061 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2023-11-26 10:47:05,061 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:47:05,061 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [70555988] [2023-11-26 10:47:05,062 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [70555988] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:47:05,062 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:47:05,062 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2023-11-26 10:47:05,062 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1208366551] [2023-11-26 10:47:05,062 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:47:05,063 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-11-26 10:47:05,063 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:47:05,063 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-11-26 10:47:05,064 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2023-11-26 10:47:05,064 INFO L87 Difference]: Start difference. First operand 4151 states and 7268 transitions. Second operand has 7 states, 7 states have (on average 10.714285714285714) internal successors, (75), 3 states have internal predecessors, (75), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:47:06,835 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:47:06,836 INFO L93 Difference]: Finished difference Result 10401 states and 18540 transitions. [2023-11-26 10:47:06,836 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2023-11-26 10:47:06,837 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.714285714285714) internal successors, (75), 3 states have internal predecessors, (75), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 115 [2023-11-26 10:47:06,837 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:47:06,904 INFO L225 Difference]: With dead ends: 10401 [2023-11-26 10:47:06,904 INFO L226 Difference]: Without dead ends: 6900 [2023-11-26 10:47:06,920 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 37 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=108, Unknown=0, NotChecked=0, Total=156 [2023-11-26 10:47:06,921 INFO L413 NwaCegarLoop]: 201 mSDtfsCounter, 1151 mSDsluCounter, 671 mSDsCounter, 0 mSdLazyCounter, 1208 mSolverCounterSat, 398 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1169 SdHoareTripleChecker+Valid, 872 SdHoareTripleChecker+Invalid, 1606 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 398 IncrementalHoareTripleChecker+Valid, 1208 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.4s IncrementalHoareTripleChecker+Time [2023-11-26 10:47:06,921 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1169 Valid, 872 Invalid, 1606 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [398 Valid, 1208 Invalid, 0 Unknown, 0 Unchecked, 1.4s Time] [2023-11-26 10:47:06,932 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 6900 states. [2023-11-26 10:47:07,399 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 6900 to 6823. [2023-11-26 10:47:07,421 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6823 states, 5554 states have (on average 1.68149081742888) internal successors, (9339), 5562 states have internal predecessors, (9339), 1243 states have call successors, (1243), 21 states have call predecessors, (1243), 25 states have return successors, (1360), 1241 states have call predecessors, (1360), 1242 states have call successors, (1360) [2023-11-26 10:47:07,454 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6823 states to 6823 states and 11942 transitions. [2023-11-26 10:47:07,456 INFO L78 Accepts]: Start accepts. Automaton has 6823 states and 11942 transitions. Word has length 115 [2023-11-26 10:47:07,456 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:47:07,456 INFO L495 AbstractCegarLoop]: Abstraction has 6823 states and 11942 transitions. [2023-11-26 10:47:07,457 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.714285714285714) internal successors, (75), 3 states have internal predecessors, (75), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:47:07,457 INFO L276 IsEmpty]: Start isEmpty. Operand 6823 states and 11942 transitions. [2023-11-26 10:47:07,485 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2023-11-26 10:47:07,485 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:47:07,486 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:47:07,486 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable15 [2023-11-26 10:47:07,486 INFO L420 AbstractCegarLoop]: === Iteration 17 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:47:07,486 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:47:07,487 INFO L85 PathProgramCache]: Analyzing trace with hash -285743320, now seen corresponding path program 1 times [2023-11-26 10:47:07,487 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:47:07,487 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [129421625] [2023-11-26 10:47:07,487 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:47:07,487 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:47:07,511 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,553 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:47:07,555 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,563 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:47:07,565 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,566 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:47:07,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,569 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:47:07,571 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,572 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:47:07,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,577 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2023-11-26 10:47:07,579 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,587 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2023-11-26 10:47:07,588 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,597 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 71 [2023-11-26 10:47:07,598 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,599 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 79 [2023-11-26 10:47:07,600 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,601 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2023-11-26 10:47:07,602 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,603 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 101 [2023-11-26 10:47:07,604 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,606 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 108 [2023-11-26 10:47:07,607 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:07,609 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2023-11-26 10:47:07,609 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:47:07,609 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [129421625] [2023-11-26 10:47:07,609 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [129421625] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:47:07,609 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:47:07,609 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2023-11-26 10:47:07,609 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1265428708] [2023-11-26 10:47:07,609 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:47:07,610 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-11-26 10:47:07,610 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:47:07,610 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-11-26 10:47:07,611 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2023-11-26 10:47:07,611 INFO L87 Difference]: Start difference. First operand 6823 states and 11942 transitions. Second operand has 7 states, 7 states have (on average 10.857142857142858) internal successors, (76), 3 states have internal predecessors, (76), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:47:09,552 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:47:09,552 INFO L93 Difference]: Finished difference Result 17380 states and 30951 transitions. [2023-11-26 10:47:09,553 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2023-11-26 10:47:09,553 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.857142857142858) internal successors, (76), 3 states have internal predecessors, (76), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 116 [2023-11-26 10:47:09,553 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:47:09,603 INFO L225 Difference]: With dead ends: 17380 [2023-11-26 10:47:09,603 INFO L226 Difference]: Without dead ends: 11573 [2023-11-26 10:47:09,626 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 37 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=108, Unknown=0, NotChecked=0, Total=156 [2023-11-26 10:47:09,627 INFO L413 NwaCegarLoop]: 194 mSDtfsCounter, 1148 mSDsluCounter, 661 mSDsCounter, 0 mSdLazyCounter, 1170 mSolverCounterSat, 396 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1166 SdHoareTripleChecker+Valid, 855 SdHoareTripleChecker+Invalid, 1566 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 396 IncrementalHoareTripleChecker+Valid, 1170 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.4s IncrementalHoareTripleChecker+Time [2023-11-26 10:47:09,627 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1166 Valid, 855 Invalid, 1566 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [396 Valid, 1170 Invalid, 0 Unknown, 0 Unchecked, 1.4s Time] [2023-11-26 10:47:09,641 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 11573 states. [2023-11-26 10:47:10,243 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 11573 to 11496. [2023-11-26 10:47:10,261 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 11496 states, 9405 states have (on average 1.680595427963849) internal successors, (15806), 9413 states have internal predecessors, (15806), 2065 states have call successors, (2065), 21 states have call predecessors, (2065), 25 states have return successors, (2260), 2063 states have call predecessors, (2260), 2064 states have call successors, (2260) [2023-11-26 10:47:10,305 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 11496 states to 11496 states and 20131 transitions. [2023-11-26 10:47:10,306 INFO L78 Accepts]: Start accepts. Automaton has 11496 states and 20131 transitions. Word has length 116 [2023-11-26 10:47:10,307 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-26 10:47:10,307 INFO L495 AbstractCegarLoop]: Abstraction has 11496 states and 20131 transitions. [2023-11-26 10:47:10,307 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.857142857142858) internal successors, (76), 3 states have internal predecessors, (76), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:47:10,307 INFO L276 IsEmpty]: Start isEmpty. Operand 11496 states and 20131 transitions. [2023-11-26 10:47:10,344 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 118 [2023-11-26 10:47:10,345 INFO L187 NwaCegarLoop]: Found error trace [2023-11-26 10:47:10,345 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-26 10:47:10,345 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable16 [2023-11-26 10:47:10,345 INFO L420 AbstractCegarLoop]: === Iteration 18 === Targeting outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION === [outgoing__wrappee__EncryptErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-26 10:47:10,346 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-11-26 10:47:10,346 INFO L85 PathProgramCache]: Analyzing trace with hash -613454649, now seen corresponding path program 1 times [2023-11-26 10:47:10,346 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-26 10:47:10,346 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1713768062] [2023-11-26 10:47:10,346 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-26 10:47:10,346 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-26 10:47:10,372 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,420 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-26 10:47:10,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,432 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-26 10:47:10,434 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,436 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-26 10:47:10,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,439 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-26 10:47:10,440 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,442 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-26 10:47:10,444 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,445 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2023-11-26 10:47:10,447 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,457 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2023-11-26 10:47:10,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,466 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2023-11-26 10:47:10,467 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,469 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 80 [2023-11-26 10:47:10,469 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,471 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 89 [2023-11-26 10:47:10,471 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,473 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 102 [2023-11-26 10:47:10,474 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,475 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 109 [2023-11-26 10:47:10,476 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-26 10:47:10,477 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2023-11-26 10:47:10,477 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-26 10:47:10,478 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1713768062] [2023-11-26 10:47:10,478 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1713768062] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-26 10:47:10,478 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-26 10:47:10,478 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2023-11-26 10:47:10,479 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1054512841] [2023-11-26 10:47:10,480 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-26 10:47:10,480 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-11-26 10:47:10,480 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-26 10:47:10,481 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-11-26 10:47:10,481 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2023-11-26 10:47:10,481 INFO L87 Difference]: Start difference. First operand 11496 states and 20131 transitions. Second operand has 7 states, 7 states have (on average 11.0) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) [2023-11-26 10:47:12,670 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-26 10:47:12,671 INFO L93 Difference]: Finished difference Result 27506 states and 48769 transitions. [2023-11-26 10:47:12,671 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2023-11-26 10:47:12,671 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 11.0) internal successors, (77), 3 states have internal predecessors, (77), 2 states have call successors, (15), 6 states have call predecessors, (15), 1 states have return successors, (12), 2 states have call predecessors, (12), 2 states have call successors, (12) Word has length 117 [2023-11-26 10:47:12,672 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-26 10:47:12,760 INFO L225 Difference]: With dead ends: 27506 [2023-11-26 10:47:12,760 INFO L226 Difference]: Without dead ends: 17957 [2023-11-26 10:47:12,794 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 37 GetRequests, 26 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=108, Unknown=0, NotChecked=0, Total=156 [2023-11-26 10:47:12,795 INFO L413 NwaCegarLoop]: 186 mSDtfsCounter, 1150 mSDsluCounter, 630 mSDsCounter, 0 mSdLazyCounter, 1142 mSolverCounterSat, 394 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1169 SdHoareTripleChecker+Valid, 816 SdHoareTripleChecker+Invalid, 1536 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 394 IncrementalHoareTripleChecker+Valid, 1142 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.4s IncrementalHoareTripleChecker+Time [2023-11-26 10:47:12,795 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1169 Valid, 816 Invalid, 1536 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [394 Valid, 1142 Invalid, 0 Unknown, 0 Unchecked, 1.4s Time] [2023-11-26 10:47:12,817 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 17957 states.